adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/56e92123-fd6c-44cc-a842-42c0950d210f.json

7726 lines
2.1 MiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--56e92123-fd6c-44cc-a842-42c0950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:58.000Z",
"modified": "2016-03-16T14:45:58.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--56e92123-fd6c-44cc-a842-42c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:58.000Z",
"modified": "2016-03-16T14:45:58.000Z",
"name": "Malspam (2016-03-16) - Locky",
"published": "2016-03-16T15:01:45Z",
"object_refs": [
"indicator--56e9214f-e09c-4b3d-a46f-4d14950d210f",
"indicator--56e92150-bdbc-4a9c-ac1b-42b9950d210f",
"indicator--56e92150-5e1c-4da0-a961-4258950d210f",
"indicator--56e92150-7520-45a0-a4ad-4df7950d210f",
"indicator--56e92151-60f4-475a-a32b-40dc950d210f",
"indicator--56e92151-e518-46ec-88e7-4577950d210f",
"indicator--56e92151-f660-4e63-8430-4e64950d210f",
"indicator--56e92152-0528-440d-abb7-4534950d210f",
"indicator--56e92152-2d34-4582-9c60-43c7950d210f",
"indicator--56e92152-125c-4dab-8876-4861950d210f",
"indicator--56e92153-a684-42b5-b35f-4de4950d210f",
"indicator--56e92153-fec4-4c8f-b985-4e79950d210f",
"indicator--56e92153-3e94-4326-a73f-46b1950d210f",
"indicator--56e92154-7c10-494d-8140-4af1950d210f",
"indicator--56e92154-df50-4ed4-9178-4d1b950d210f",
"indicator--56e92154-bf24-4971-a4df-46ab950d210f",
"indicator--56e92155-6948-4b67-95a4-4f6e950d210f",
"indicator--56e92155-f604-470c-89e8-4dfa950d210f",
"indicator--56e92155-a660-40da-933b-4db4950d210f",
"indicator--56e92156-1058-4beb-bb3e-41c7950d210f",
"indicator--56e92156-a3fc-431e-b659-49f9950d210f",
"indicator--56e92156-69ec-4274-b49a-4acd950d210f",
"indicator--56e92156-a3cc-4f34-89d9-4af4950d210f",
"indicator--56e92157-2f38-4d93-bce0-4bed950d210f",
"indicator--56e92157-e920-4548-9caa-4cf5950d210f",
"indicator--56e92157-0e7c-499b-9082-412c950d210f",
"indicator--56e92158-07e8-4248-ad30-4ce3950d210f",
"indicator--56e92158-c134-4fe2-b00c-4cf6950d210f",
"indicator--56e92158-856c-4f5e-9ed9-4844950d210f",
"indicator--56e92159-9660-4687-b042-4fe1950d210f",
"indicator--56e92159-cf44-43cb-81bd-4bc9950d210f",
"indicator--56e92159-c740-4df3-84ef-48a5950d210f",
"indicator--56e9215a-a7e0-4d12-89d5-42ee950d210f",
"indicator--56e9215a-8b90-48a5-8211-4c7b950d210f",
"indicator--56e9215a-42e4-458d-be61-40fb950d210f",
"indicator--56e9215a-5e9c-4c0d-afc2-487a950d210f",
"indicator--56e9215b-5eb8-4373-b0e8-40ef950d210f",
"indicator--56e9215b-0084-4fe1-ba06-470f950d210f",
"indicator--56e9215c-2d00-4920-860b-454d950d210f",
"indicator--56e9215c-876c-4e3b-83dc-4ce5950d210f",
"indicator--56e9215c-aa88-4574-8285-4aa2950d210f",
"indicator--56e9215c-7350-446f-b1a9-44d8950d210f",
"indicator--56e9215d-4b58-4503-9f74-40b5950d210f",
"indicator--56e9215d-3c98-4f39-91f3-425f950d210f",
"indicator--56e9215d-3360-4592-bd2a-4091950d210f",
"indicator--56e9215e-89f4-49ee-9095-4e2c950d210f",
"indicator--56e9215e-1ef4-49ab-9edc-426b950d210f",
"indicator--56e9215f-6fec-4f6d-8fb2-4d03950d210f",
"indicator--56e9215f-3200-497a-a720-4c51950d210f",
"indicator--56e9215f-c6c8-4d9b-bebd-429e950d210f",
"indicator--56e9215f-4634-42b4-8f9d-4fc7950d210f",
"indicator--56e92160-3690-4576-b5a2-49f8950d210f",
"indicator--56e92160-f2ec-4739-87e2-4b79950d210f",
"indicator--56e92160-c320-4eab-8cf7-4341950d210f",
"indicator--56e92161-a078-4dfd-a20a-41f9950d210f",
"indicator--56e92161-50cc-45d2-b908-42da950d210f",
"indicator--56e92161-45a8-416e-9ac1-45a8950d210f",
"indicator--56e92162-0730-49a2-ad8e-4490950d210f",
"indicator--56e92162-8134-4df1-b602-4216950d210f",
"indicator--56e92162-d6dc-465f-866f-4728950d210f",
"indicator--56e92163-14ac-49c0-ab4b-444c950d210f",
"indicator--56e92163-ffc4-44b9-ba37-4ed7950d210f",
"indicator--56e92163-be38-4cc8-92ec-4565950d210f",
"indicator--56e92164-dba0-4ac1-a102-45e8950d210f",
"indicator--56e92164-0ae4-4929-be0b-42a0950d210f",
"indicator--56e92164-c7b0-430c-9be6-4d71950d210f",
"indicator--56e92165-7cc4-4d19-9fc5-429a950d210f",
"indicator--56e92165-f064-45f2-86a8-4176950d210f",
"indicator--56e92165-a960-4725-99c9-46eb950d210f",
"indicator--56e92166-0164-4a9c-8f22-45eb950d210f",
"indicator--56e92166-835c-4451-92e1-448a950d210f",
"indicator--56e92166-62cc-4492-96d4-4916950d210f",
"indicator--56e92167-ee88-4cff-b4c8-4b8b950d210f",
"indicator--56e92167-d514-43b9-b540-4b03950d210f",
"indicator--56e92167-dacc-492e-8d5b-4728950d210f",
"indicator--56e959a7-df94-475e-b7db-4d20950d210f",
"indicator--56e959a7-cb70-4b23-9791-4c08950d210f",
"indicator--56e959a7-552c-48b9-bb14-4f92950d210f",
"indicator--56e959a8-3cc8-40b6-b67f-4de4950d210f",
"indicator--56e959a8-c0fc-4bd1-b6d0-418c950d210f",
"indicator--56e959a8-ddac-4258-856e-48ba950d210f",
"indicator--56e959a9-5d54-4f6c-b997-4875950d210f",
"indicator--56e959a9-9a60-4d4e-9613-4c26950d210f",
"indicator--56e959a9-232c-490f-9b72-470c950d210f",
"indicator--56e959aa-e224-4ff8-9f6f-40c2950d210f",
"indicator--56e959aa-d900-4f11-bc44-46f1950d210f",
"indicator--56e959aa-83a0-4947-89cf-4923950d210f",
"indicator--56e959ab-aa30-40b1-bfdf-4bc5950d210f",
"indicator--56e959ab-d0f0-4bed-8ecf-4694950d210f",
"indicator--56e959ab-1724-4f54-a172-4554950d210f",
"indicator--56e959ac-62cc-40e8-acf6-4685950d210f",
"indicator--56e959ac-98b0-46ae-87ce-44c3950d210f",
"indicator--56e959ac-9960-48ed-b166-4db9950d210f",
"indicator--56e959ad-0ea4-4956-a032-4f6f950d210f",
"indicator--56e959ad-6708-4adf-a621-4b51950d210f",
"indicator--56e959ad-845c-42a2-b42c-4086950d210f",
"indicator--56e959ae-fc0c-4581-ba82-45fb950d210f",
"indicator--56e959ae-b180-4f2a-9b17-4adb950d210f",
"indicator--56e959ae-f8cc-433b-937b-4b3d950d210f",
"indicator--56e959af-d23c-4e72-a0af-48d6950d210f",
"indicator--56e959af-60b0-4ab7-9a6f-4fb5950d210f",
"indicator--56e959af-ae68-4926-ba66-4fa4950d210f",
"indicator--56e959b0-ba40-46eb-a685-4ecf950d210f",
"indicator--56e959b0-371c-4e2e-99be-47cc950d210f",
"indicator--56e959b0-d1e8-4543-899b-476e950d210f",
"indicator--56e95edd-961c-4f8a-a499-4883950d210f",
"indicator--56e95ede-b7d4-4aee-b4f8-4789950d210f",
"indicator--56e95ede-fba4-4ca9-9bff-4c8b950d210f",
"indicator--56e95edf-1738-4237-be75-46fb950d210f",
"indicator--56e95ee0-6afc-4f69-ae3d-47eb950d210f",
"indicator--56e95ee0-71f0-4920-85cf-42ac950d210f",
"indicator--56e95ee1-4ac0-4173-86ad-4520950d210f",
"indicator--56e95ee1-57fc-4af6-bdc4-4083950d210f",
"indicator--56e95ee2-0ecc-4663-a0e8-49fd950d210f",
"indicator--56e95ee3-de40-40f9-b60b-43a0950d210f",
"indicator--56e95ee3-970c-443b-8bf6-48ba950d210f",
"indicator--56e95ee4-8894-41fa-b296-4773950d210f",
"indicator--56e95ee5-7af4-4de2-95a8-42bf950d210f",
"indicator--56e95ee5-efcc-4d15-95ef-492f950d210f",
"indicator--56e95ee6-88a8-4278-bdb4-47d9950d210f",
"indicator--56e95ee7-8f78-47d6-8104-445b950d210f",
"indicator--56e95ee7-30c8-4d1b-9131-4b6e950d210f",
"indicator--56e95ee8-010c-4f2a-a057-474d950d210f",
"indicator--56e95ee9-5464-46c7-a81f-4791950d210f",
"indicator--56e95ee9-fa9c-4d5c-8087-4c11950d210f",
"indicator--56e95eea-0780-4af9-aa0b-487c950d210f",
"indicator--56e95eeb-da9c-43eb-b5b4-40a9950d210f",
"indicator--56e95eeb-c7c8-483a-b946-47dd950d210f",
"indicator--56e95eec-ca24-4e96-9fd5-4101950d210f",
"indicator--56e95eed-6490-44d5-b9c9-4a51950d210f",
"indicator--56e95eee-b288-4002-9229-4e94950d210f",
"indicator--56e95eee-1404-43e6-a96d-4a2f950d210f",
"indicator--56e95eef-d668-4c3f-bf4b-4599950d210f",
"indicator--56e95ef0-3ae0-4bfc-a1f6-4b11950d210f",
"indicator--56e95ef0-9fe8-4af9-a52d-49c4950d210f",
"indicator--56e95f0b-a670-4322-8c6e-4d6a950d210f",
"indicator--56e95f0b-e79c-4833-a7d6-4504950d210f",
"indicator--56e95f0c-7890-47cb-9d76-4d15950d210f",
"indicator--56e95f0c-5184-43ce-a0be-4ffb950d210f",
"indicator--56e95f0d-7af8-4289-a90c-4cd9950d210f",
"indicator--56e95f0d-acc8-43c3-82ac-4614950d210f",
"indicator--56e95f0d-3d5c-4ec3-bc5a-44d5950d210f",
"indicator--56e95f0e-ebb4-4ab2-9478-41e6950d210f",
"indicator--56e95f0e-978c-4a11-be78-4d36950d210f",
"indicator--56e95f0e-223c-4667-b73f-466a950d210f",
"indicator--56e95f0f-d66c-49d3-b217-428d950d210f",
"indicator--56e95f0f-4078-43a6-8610-4ec7950d210f",
"indicator--56e95f0f-1958-4742-9430-4d68950d210f",
"indicator--56e95f10-7c84-4cf2-8824-4015950d210f",
"indicator--56e95f10-af78-4de1-ac1b-428a950d210f",
"indicator--56e95f10-bbd8-42cb-9a87-4c65950d210f",
"indicator--56e97166-d068-428e-89ed-5ef5950d210f",
"indicator--56e97167-eecc-4873-88ea-5ef5950d210f",
"indicator--56e97167-fcac-4aaa-938e-5ef5950d210f",
"indicator--56e97168-ec9c-4cdf-b182-5ef5950d210f",
"indicator--56e97169-0d6c-43c4-ab35-5ef5950d210f",
"indicator--56e97169-b300-4338-ba53-5ef5950d210f",
"indicator--56e9716a-e9ac-4cc7-b447-5ef5950d210f",
"indicator--56e9716a-c86c-46d2-a271-5ef5950d210f",
"indicator--56e9716b-bbf0-4fd1-ad40-5ef5950d210f",
"indicator--56e9716b-268c-47f5-a08e-5ef5950d210f",
"indicator--56e9716c-2780-4fa6-bb5c-5ef5950d210f",
"indicator--56e9716d-b0b0-41a6-9546-5ef5950d210f",
"indicator--56e9716d-2060-4513-8a65-5ef5950d210f",
"indicator--56e9716e-bc28-45e9-97a0-5ef5950d210f",
"indicator--56e9716e-d21c-45ac-8a51-5ef5950d210f",
"indicator--56e9716f-9040-4070-8555-5ef5950d210f",
"indicator--56e97170-07c0-4e9b-925f-5ef5950d210f",
"indicator--56e97170-8e20-4d97-8cfb-5ef5950d210f",
"indicator--56e97171-ce3c-4816-90b5-5ef5950d210f",
"indicator--56e97172-1370-4838-9ce7-5ef5950d210f",
"indicator--56e97172-a268-4468-b52b-5ef5950d210f",
"indicator--56e97173-08dc-4be7-888c-5ef5950d210f",
"indicator--56e97173-6564-49b2-a5f6-5ef5950d210f",
"indicator--56e97174-2974-4c9c-975f-5ef5950d210f",
"indicator--56e97175-3ab0-400b-a1ef-5ef5950d210f",
"indicator--56e97175-c064-4e6a-9d72-5ef5950d210f",
"indicator--56e97176-ce74-4d1b-9b4a-5ef5950d210f",
"indicator--56e97177-4ec8-42cd-87da-5ef5950d210f",
"indicator--56e97178-9f80-4161-a952-5ef5950d210f",
"indicator--56e97178-2cb4-4c1d-b775-5ef5950d210f",
"indicator--56e97179-fd74-40fd-8ceb-5ef5950d210f",
"indicator--56e9717a-0eb8-46a8-bdaa-5ef5950d210f",
"indicator--56e9717a-2a34-494c-a149-5ef5950d210f",
"indicator--56e9717b-edc4-4011-a0d7-5ef5950d210f",
"indicator--56e9717c-99e0-4f9f-806f-5ef5950d210f",
"indicator--56e9717c-35a0-4edc-ba7e-5ef5950d210f",
"indicator--56e9717d-0fe4-493f-a9ab-5ef5950d210f",
"indicator--56e9717d-f1bc-4090-b651-5ef5950d210f",
"indicator--56e9717e-ff28-490d-8c53-5ef5950d210f",
"indicator--56e9717f-03e0-4920-a0d9-5ef5950d210f",
"indicator--56e97180-0498-47e3-83f5-5ef5950d210f",
"indicator--56e97180-ecac-4c92-8686-5ef5950d210f",
"indicator--56e97181-d3f0-4298-9090-5ef5950d210f",
"indicator--56e97182-5f68-4766-867a-5ef5950d210f",
"indicator--56e97182-a914-4b59-80f9-5ef5950d210f",
"indicator--56e97183-32d8-4e0c-99ca-5ef5950d210f",
"indicator--56e97183-f304-444a-a01e-5ef5950d210f",
"indicator--56e97184-ee70-4bab-b42a-5ef5950d210f",
"indicator--56e97184-5de8-4df3-ae65-5ef5950d210f",
"indicator--56e97185-96ac-4740-90b2-5ef5950d210f",
"indicator--56e97186-3348-4f8f-b521-5ef5950d210f",
"indicator--56e97187-9be0-4d9c-a1a1-5ef5950d210f",
"indicator--56e97187-fb0c-4b5f-a322-5ef5950d210f",
"indicator--56e97188-ef98-4237-8345-5ef5950d210f",
"indicator--56e97189-b310-4f83-875b-5ef5950d210f",
"indicator--56e97189-32c4-457a-ac40-5ef5950d210f",
"indicator--56e9718a-daf4-44f8-afca-5ef5950d210f",
"indicator--56e9718b-d4d0-4deb-aa49-5ef5950d210f",
"indicator--56e9718b-ccec-484f-a1f3-5ef5950d210f",
"indicator--56e9718c-0034-402a-9fb2-5ef5950d210f",
"observed-data--56e971a7-debc-4672-aec3-44fd02de0b81",
"url--56e971a7-debc-4672-aec3-44fd02de0b81",
"observed-data--56e971a7-3d9c-4b76-be74-45f602de0b81",
"url--56e971a7-3d9c-4b76-be74-45f602de0b81",
"observed-data--56e971a7-babc-441c-a37c-43de02de0b81",
"url--56e971a7-babc-441c-a37c-43de02de0b81",
"observed-data--56e971a8-3eec-418b-83d7-421c02de0b81",
"url--56e971a8-3eec-418b-83d7-421c02de0b81",
"observed-data--56e971a8-7d0c-41f5-90fd-45f902de0b81",
"url--56e971a8-7d0c-41f5-90fd-45f902de0b81",
"observed-data--56e971a8-65fc-4f7a-8ffd-473002de0b81",
"url--56e971a8-65fc-4f7a-8ffd-473002de0b81",
"observed-data--56e971a9-b99c-4fe5-9a36-480b02de0b81",
"url--56e971a9-b99c-4fe5-9a36-480b02de0b81",
"observed-data--56e971a9-7f2c-4397-85c7-42f602de0b81",
"url--56e971a9-7f2c-4397-85c7-42f602de0b81",
"observed-data--56e971a9-cb20-453b-a512-410802de0b81",
"url--56e971a9-cb20-453b-a512-410802de0b81",
"observed-data--56e971ab-d234-40c2-833b-4e4a02de0b81",
"url--56e971ab-d234-40c2-833b-4e4a02de0b81",
"observed-data--56e971ab-4c98-49e4-bb93-4df302de0b81",
"url--56e971ab-4c98-49e4-bb93-4df302de0b81",
"observed-data--56e971ac-3cb4-4870-b80f-4bcf02de0b81",
"url--56e971ac-3cb4-4870-b80f-4bcf02de0b81",
"observed-data--56e971ac-8848-4e99-9e31-478902de0b81",
"url--56e971ac-8848-4e99-9e31-478902de0b81",
"observed-data--56e971ac-5814-427e-a44b-476b02de0b81",
"url--56e971ac-5814-427e-a44b-476b02de0b81",
"observed-data--56e971ad-c4a0-4f57-9795-4aa302de0b81",
"url--56e971ad-c4a0-4f57-9795-4aa302de0b81",
"observed-data--56e971ad-8b94-4f7f-bc83-40ec02de0b81",
"url--56e971ad-8b94-4f7f-bc83-40ec02de0b81",
"observed-data--56e971ae-86e0-4cee-afcb-4ab402de0b81",
"url--56e971ae-86e0-4cee-afcb-4ab402de0b81",
"observed-data--56e971ae-bfd8-4feb-a21d-4f2002de0b81",
"url--56e971ae-bfd8-4feb-a21d-4f2002de0b81",
"observed-data--56e971ae-2e18-4e5a-9c62-425d02de0b81",
"url--56e971ae-2e18-4e5a-9c62-425d02de0b81",
"observed-data--56e971af-23ac-4c22-9e19-418302de0b81",
"url--56e971af-23ac-4c22-9e19-418302de0b81",
"observed-data--56e971af-9ed0-4d53-98a0-447602de0b81",
"url--56e971af-9ed0-4d53-98a0-447602de0b81",
"observed-data--56e971af-23d0-46b8-939c-4f5102de0b81",
"url--56e971af-23d0-46b8-939c-4f5102de0b81",
"observed-data--56e971b0-e124-4a23-bef8-469102de0b81",
"url--56e971b0-e124-4a23-bef8-469102de0b81",
"observed-data--56e971b0-9084-4dcd-8b57-409302de0b81",
"url--56e971b0-9084-4dcd-8b57-409302de0b81",
"observed-data--56e971b0-760c-485e-8f52-496602de0b81",
"url--56e971b0-760c-485e-8f52-496602de0b81",
"observed-data--56e971b1-5594-48e2-9e68-45f102de0b81",
"url--56e971b1-5594-48e2-9e68-45f102de0b81",
"observed-data--56e971b1-5b24-434a-a98a-4d8e02de0b81",
"url--56e971b1-5b24-434a-a98a-4d8e02de0b81",
"observed-data--56e971b2-16e0-49ab-9fd7-4cb502de0b81",
"url--56e971b2-16e0-49ab-9fd7-4cb502de0b81",
"observed-data--56e971b2-91c0-467d-b76b-44cd02de0b81",
"url--56e971b2-91c0-467d-b76b-44cd02de0b81",
"observed-data--56e971b2-9d24-464a-ad97-4fdf02de0b81",
"url--56e971b2-9d24-464a-ad97-4fdf02de0b81",
"indicator--56e9613b-aa58-46d7-8843-4679950d210f",
"indicator--56e9613e-79fc-445d-a132-5391950d210f",
"indicator--56e96140-55c8-4356-8062-4b29950d210f",
"indicator--56e96141-03e4-4e0a-ae9d-4e1e950d210f",
"indicator--56e96143-51d0-4411-b49e-4cd4950d210f",
"indicator--56e973ea-3f00-4b1b-98be-4b76950d210f",
"indicator--56e973ea-bf04-43b7-9ce3-4f40950d210f",
"indicator--56e973eb-db50-4c60-b7a2-4408950d210f",
"indicator--56e973ec-a17c-48b5-b2ba-42d5950d210f",
"indicator--56e973ed-5688-4903-8669-4438950d210f",
"indicator--56e973ed-f030-4255-a33b-4fcc950d210f",
"indicator--56e973ee-d038-42c1-83d4-45da950d210f",
"indicator--56e973ef-b84c-40e7-a3fd-4c3a950d210f",
"indicator--56e973ef-2bfc-4731-84c3-41ba950d210f",
"indicator--56e973f0-4308-496e-a8bc-40f6950d210f",
"indicator--56e973f1-d294-40f1-82db-40fa950d210f",
"indicator--56e973f1-97b4-4e99-980c-48f3950d210f",
"indicator--56e973f2-85b0-4ad0-a701-48b9950d210f",
"indicator--56e973f3-aec0-4cff-90ff-4931950d210f",
"indicator--56e973f3-38bc-4c8c-a43d-4dbb950d210f",
"indicator--56e973f4-4100-4463-b578-47b2950d210f",
"indicator--56e973f5-6064-4cc5-bb48-4e38950d210f",
"indicator--56e973f6-c74c-4424-be17-4df0950d210f",
"indicator--56e973f6-1964-4932-9840-411a950d210f",
"indicator--56e973f7-46f8-49f7-a4f5-4c46950d210f",
"indicator--56e973f8-ed18-43da-a269-49ae950d210f",
"indicator--56e973f8-13d0-46b1-902d-45e6950d210f",
"indicator--56e973f9-c808-4909-9212-496c950d210f",
"indicator--56e973fa-0508-4ffb-ad7b-4a38950d210f",
"indicator--56e973fa-c8b4-4907-9ec1-4cb8950d210f",
"indicator--56e973fb-1650-4f82-bb63-4b82950d210f",
"indicator--56e973fc-ad04-4592-bde5-44c8950d210f",
"indicator--56e973fd-8894-473a-9f8b-4a07950d210f",
"indicator--56e973fd-ce98-416f-ade4-4ea0950d210f",
"indicator--56e973fe-3210-4c33-8961-48da950d210f",
"indicator--56e973ff-4380-494d-a699-4979950d210f",
"indicator--56e973ff-61a8-489c-94c7-456d950d210f",
"indicator--56e97400-73a8-417d-b1a9-4ce3950d210f",
"indicator--56e97401-3334-474e-887c-4212950d210f",
"indicator--56e97401-7364-4fe6-b2b0-46c0950d210f",
"indicator--56e97402-aef0-497b-b482-4211950d210f",
"indicator--56e97403-31a8-4fc0-9efc-470c950d210f",
"indicator--56e97404-7954-47f4-82f0-48d9950d210f",
"indicator--56e97404-1844-4a30-84fb-4c07950d210f",
"indicator--56e97405-d2a0-4579-9ca8-49b0950d210f",
"indicator--56e97405-7240-4070-a084-4098950d210f",
"indicator--56e97406-f32c-4e25-b980-42ef950d210f",
"indicator--56e97406-7bc4-4843-ac46-46cb950d210f",
"indicator--56e97407-4554-4663-81f8-4124950d210f",
"indicator--56e97408-8864-404b-b96f-4975950d210f",
"indicator--56e97409-99c8-4f91-945d-40a6950d210f",
"indicator--56e97409-def8-4796-95ff-4996950d210f",
"indicator--56e9740a-b204-4418-aa0b-4cc6950d210f",
"indicator--56e9740b-a7f4-49c9-b61f-48cb950d210f",
"indicator--56e9740b-5e6c-4c8e-8be5-49ec950d210f",
"indicator--56e9740c-eaf0-4c32-8a34-457f950d210f",
"indicator--56e9740d-7160-4beb-9250-41c7950d210f",
"indicator--56e9740d-4b40-419b-bfdf-4810950d210f",
"indicator--56e9740e-72b8-4457-a309-49b8950d210f",
"indicator--56e9740f-ec3c-4670-b7df-451c950d210f",
"indicator--56e97410-709c-4f9f-ab29-4269950d210f",
"indicator--56e97410-6314-4dad-9f8b-4811950d210f",
"indicator--56e97411-8b54-4dc0-b102-4b2e950d210f",
"indicator--56e97411-87d4-4d96-adfd-4e28950d210f",
"indicator--56e97412-b73c-4fb8-ac25-43da950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9214f-e09c-4b3d-a46f-4d14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:11.000Z",
"modified": "2016-03-16T09:03:11.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://academiasuperior.net/wp-includes/rest-api/5h45hg4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92150-bdbc-4a9c-ac1b-42b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:12.000Z",
"modified": "2016-03-16T09:03:12.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'academiasuperior.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92150-5e1c-4da0-a961-4258950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:12.000Z",
"modified": "2016-03-16T09:03:12.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.88.166.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92150-7520-45a0-a4ad-4df7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:12.000Z",
"modified": "2016-03-16T09:03:12.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://art-studia-sharm.com.ua/libraries/simplepie/765g473bf34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92151-60f4-475a-a32b-40dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:13.000Z",
"modified": "2016-03-16T09:03:13.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'art-studia-sharm.com.ua']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92151-e518-46ec-88e7-4577950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:13.000Z",
"modified": "2016-03-16T09:03:13.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.234.35.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92151-f660-4e63-8430-4e64950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:13.000Z",
"modified": "2016-03-16T09:03:13.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://croqqer.org/wp-content/uploads/5h45hg4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92152-0528-440d-abb7-4534950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:14.000Z",
"modified": "2016-03-16T09:03:14.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'croqqer.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92152-2d34-4582-9c60-43c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:14.000Z",
"modified": "2016-03-16T09:03:14.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.157.81.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92152-125c-4dab-8876-4861950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:14.000Z",
"modified": "2016-03-16T09:03:14.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://electime.com/wp-content/themes/765g473bf34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92153-a684-42b5-b35f-4de4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:15.000Z",
"modified": "2016-03-16T09:03:15.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'electime.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92153-fec4-4c8f-b985-4e79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:15.000Z",
"modified": "2016-03-16T09:03:15.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.101.153.31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92153-3e94-4326-a73f-46b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:15.000Z",
"modified": "2016-03-16T09:03:15.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://elogistic.ir/wp-admin/network/87hg8n54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92154-7c10-494d-8140-4af1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:16.000Z",
"modified": "2016-03-16T09:03:16.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'elogistic.ir']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92154-df50-4ed4-9178-4d1b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:16.000Z",
"modified": "2016-03-16T09:03:16.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '136.243.138.13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92154-bf24-4971-a4df-46ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:16.000Z",
"modified": "2016-03-16T09:03:16.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://fashion-girl.od.ua/catalog/controller/87hg8n54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92155-6948-4b67-95a4-4f6e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:17.000Z",
"modified": "2016-03-16T09:03:17.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'fashion-girl.od.ua']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92155-f604-470c-89e8-4dfa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:17.000Z",
"modified": "2016-03-16T09:03:17.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://livewireradio.net/wp-admin/js/765g473bf34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92155-a660-40da-933b-4db4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:17.000Z",
"modified": "2016-03-16T09:03:17.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'livewireradio.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92156-1058-4beb-bb3e-41c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:18.000Z",
"modified": "2016-03-16T09:03:18.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://maxbeauty.dp.ua/administrator/manifests/765g473bf34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92156-a3fc-431e-b659-49f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:18.000Z",
"modified": "2016-03-16T09:03:18.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'maxbeauty.dp.ua']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92156-69ec-4274-b49a-4acd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:18.000Z",
"modified": "2016-03-16T09:03:18.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://risetravel.net/wp-includes/theme-compat/765g473bf34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92156-a3cc-4f34-89d9-4af4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:18.000Z",
"modified": "2016-03-16T09:03:18.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'risetravel.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92157-2f38-4d93-bce0-4bed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:19.000Z",
"modified": "2016-03-16T09:03:19.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.195.104.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92157-e920-4548-9caa-4cf5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:19.000Z",
"modified": "2016-03-16T09:03:19.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://sales-teleselling.eu.org/wp-includes/fonts/5h45hg4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92157-0e7c-499b-9082-412c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:19.000Z",
"modified": "2016-03-16T09:03:19.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'sales-teleselling.eu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92158-07e8-4248-ad30-4ce3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:20.000Z",
"modified": "2016-03-16T09:03:20.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://snosto.com/wp-admin/includes/i75rg456']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92158-c134-4fe2-b00c-4cf6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:20.000Z",
"modified": "2016-03-16T09:03:20.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'snosto.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92158-856c-4f5e-9ed9-4844950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:20.000Z",
"modified": "2016-03-16T09:03:20.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.205.57.21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92159-9660-4687-b042-4fe1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:21.000Z",
"modified": "2016-03-16T09:03:21.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://test.sharmx.com.ua/sdideep/87hg8n54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92159-cf44-43cb-81bd-4bc9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:21.000Z",
"modified": "2016-03-16T09:03:21.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'test.sharmx.com.ua']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92159-c740-4df3-84ef-48a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:21.000Z",
"modified": "2016-03-16T09:03:21.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://vfwuc.eu.org/wp-content/uploads/5h45hg4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215a-a7e0-4d12-89d5-42ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:22.000Z",
"modified": "2016-03-16T09:03:22.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'vfwuc.eu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215a-8b90-48a5-8211-4c7b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:22.000Z",
"modified": "2016-03-16T09:03:22.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://workplace-communication.eu.org/wp-includes/pomo/5h45hg4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215a-42e4-458d-be61-40fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:22.000Z",
"modified": "2016-03-16T09:03:22.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'workplace-communication.eu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215a-5e9c-4c0d-afc2-487a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:22.000Z",
"modified": "2016-03-16T09:03:22.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.aebnworld.com/98o7kj56h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215b-5eb8-4373-b0e8-40ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:23.000Z",
"modified": "2016-03-16T09:03:23.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.aebnworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215b-0084-4fe1-ba06-470f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:23.000Z",
"modified": "2016-03-16T09:03:23.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.185.228.127']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215c-2d00-4920-860b-454d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:23.000Z",
"modified": "2016-03-16T09:03:23.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.aggiesaquariums.com.au/wp-includes/y78hiuok']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215c-876c-4e3b-83dc-4ce5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:24.000Z",
"modified": "2016-03-16T09:03:24.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.aggiesaquariums.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215c-aa88-4574-8285-4aa2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:24.000Z",
"modified": "2016-03-16T09:03:24.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.0.20.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215c-7350-446f-b1a9-44d8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:24.000Z",
"modified": "2016-03-16T09:03:24.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.almraah.com/wp-content/uploads/y78hiuok']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215d-4b58-4503-9f74-40b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:25.000Z",
"modified": "2016-03-16T09:03:25.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.almraah.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215d-3c98-4f39-91f3-425f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:25.000Z",
"modified": "2016-03-16T09:03:25.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'almraah.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215d-3360-4592-bd2a-4091950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:25.000Z",
"modified": "2016-03-16T09:03:25.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.97.50.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215e-89f4-49ee-9095-4e2c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:26.000Z",
"modified": "2016-03-16T09:03:26.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.freeadultcontent.us/98o7kj56h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215e-1ef4-49ab-9edc-426b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:26.000Z",
"modified": "2016-03-16T09:03:26.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.freeadultcontent.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215f-6fec-4f6d-8fb2-4d03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:27.000Z",
"modified": "2016-03-16T09:03:27.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.freepussyshow.com/9oi654gh3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215f-3200-497a-a720-4c51950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:27.000Z",
"modified": "2016-03-16T09:03:27.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.freepussyshow.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215f-c6c8-4d9b-bebd-429e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:27.000Z",
"modified": "2016-03-16T09:03:27.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.gruposdemediosrrr.com/9oi654gh3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9215f-4634-42b4-8f9d-4fc7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:27.000Z",
"modified": "2016-03-16T09:03:27.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.gruposdemediosrrr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92160-3690-4576-b5a2-49f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:28.000Z",
"modified": "2016-03-16T09:03:28.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'gruposdemediosrrr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92160-f2ec-4739-87e2-4b79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:28.000Z",
"modified": "2016-03-16T09:03:28.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.0.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92160-c320-4eab-8cf7-4341950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:28.000Z",
"modified": "2016-03-16T09:03:28.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.kidshealingcrohnsandcolitis.com/8y7hybigv']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92161-a078-4dfd-a20a-41f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:29.000Z",
"modified": "2016-03-16T09:03:29.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.kidshealingcrohnsandcolitis.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92161-50cc-45d2-b908-42da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:29.000Z",
"modified": "2016-03-16T09:03:29.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'kidshealingcrohnsandcolitis.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92161-45a8-416e-9ac1-45a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:29.000Z",
"modified": "2016-03-16T09:03:29.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.195.124.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92162-0730-49a2-ad8e-4490950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:30.000Z",
"modified": "2016-03-16T09:03:30.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.kidshealingcrohnsandcolitis.org/8y7hybigv']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92162-8134-4df1-b602-4216950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:30.000Z",
"modified": "2016-03-16T09:03:30.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.kidshealingcrohnsandcolitis.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92162-d6dc-465f-866f-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:30.000Z",
"modified": "2016-03-16T09:03:30.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'kidshealingcrohnsandcolitis.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92163-14ac-49c0-ab4b-444c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:31.000Z",
"modified": "2016-03-16T09:03:31.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.livegirlshow.com/8i5ju4g34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92163-ffc4-44b9-ba37-4ed7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:31.000Z",
"modified": "2016-03-16T09:03:31.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.livegirlshow.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92163-be38-4cc8-92ec-4565950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:31.000Z",
"modified": "2016-03-16T09:03:31.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.liveshowgirl.com/8i5ju4g34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92164-dba0-4ac1-a102-45e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:32.000Z",
"modified": "2016-03-16T09:03:32.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.liveshowgirl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92164-0ae4-4929-be0b-42a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:32.000Z",
"modified": "2016-03-16T09:03:32.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.myxxxlinks.com/4ggh45yh45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92164-c7b0-430c-9be6-4d71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:32.000Z",
"modified": "2016-03-16T09:03:32.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.myxxxlinks.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92165-7cc4-4d19-9fc5-429a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:33.000Z",
"modified": "2016-03-16T09:03:33.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.nenitasthumbs.com/4ggh45yh45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92165-f064-45f2-86a8-4176950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:33.000Z",
"modified": "2016-03-16T09:03:33.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.nenitasthumbs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92165-a960-4725-99c9-46eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:33.000Z",
"modified": "2016-03-16T09:03:33.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.nevjegydesign.hu/0k6j6n4h4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92166-0164-4a9c-8f22-45eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:34.000Z",
"modified": "2016-03-16T09:03:34.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.nevjegydesign.hu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92166-835c-4451-92e1-448a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:34.000Z",
"modified": "2016-03-16T09:03:34.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'nevjegydesign.hu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92166-62cc-4492-96d4-4916950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:34.000Z",
"modified": "2016-03-16T09:03:34.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.199.49.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92167-ee88-4cff-b4c8-4b8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:35.000Z",
"modified": "2016-03-16T09:03:35.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.nevjegyportal.hu/0k6j6n4h4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92167-d514-43b9-b540-4b03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:35.000Z",
"modified": "2016-03-16T09:03:35.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.nevjegyportal.hu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e92167-dacc-492e-8d5b-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T09:03:35.000Z",
"modified": "2016-03-16T09:03:35.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'nevjegyportal.hu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T09:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a7-df94-475e-b7db-4d20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:35.000Z",
"modified": "2016-03-16T13:03:35.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://smeja.de/i876jh556h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a7-cb70-4b23-9791-4c08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:35.000Z",
"modified": "2016-03-16T13:03:35.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'smeja.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a7-552c-48b9-bb14-4f92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:35.000Z",
"modified": "2016-03-16T13:03:35.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.28.232.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a8-3cc8-40b6-b67f-4de4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:36.000Z",
"modified": "2016-03-16T13:03:36.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://smokediscount.de/786u5h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a8-c0fc-4bd1-b6d0-418c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:36.000Z",
"modified": "2016-03-16T13:03:36.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'smokediscount.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a8-ddac-4258-856e-48ba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:36.000Z",
"modified": "2016-03-16T13:03:36.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.179.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a9-5d54-4f6c-b997-4875950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:37.000Z",
"modified": "2016-03-16T13:03:37.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://storageinbath.co.uk/78jh5h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a9-9a60-4d4e-9613-4c26950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:37.000Z",
"modified": "2016-03-16T13:03:37.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'storageinbath.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959a9-232c-490f-9b72-470c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:37.000Z",
"modified": "2016-03-16T13:03:37.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.186.31.16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959aa-e224-4ff8-9f6f-40c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:38.000Z",
"modified": "2016-03-16T13:03:38.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://szkoleniasluzb.pl/67j5hg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959aa-d900-4f11-bc44-46f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:38.000Z",
"modified": "2016-03-16T13:03:38.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'szkoleniasluzb.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959aa-83a0-4947-89cf-4923950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:38.000Z",
"modified": "2016-03-16T13:03:38.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.129.232.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ab-aa30-40b1-bfdf-4bc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:39.000Z",
"modified": "2016-03-16T13:03:39.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://theskcreativearts.com/45tg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ab-d0f0-4bed-8ecf-4694950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:39.000Z",
"modified": "2016-03-16T13:03:39.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'theskcreativearts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ab-1724-4f54-a172-4554950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:39.000Z",
"modified": "2016-03-16T13:03:39.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.168.188.178']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ac-62cc-40e8-acf6-4685950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:40.000Z",
"modified": "2016-03-16T13:03:40.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://tracks4africa.li/43f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ac-98b0-46ae-87ce-44c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:40.000Z",
"modified": "2016-03-16T13:03:40.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'tracks4africa.li']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ac-9960-48ed-b166-4db9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:40.000Z",
"modified": "2016-03-16T13:03:40.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.40.28.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ad-0ea4-4956-a032-4f6f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:41.000Z",
"modified": "2016-03-16T13:03:41.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://tradesolutions.me.uk/8i76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ad-6708-4adf-a621-4b51950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:41.000Z",
"modified": "2016-03-16T13:03:41.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'tradesolutions.me.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ad-845c-42a2-b42c-4086950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:41.000Z",
"modified": "2016-03-16T13:03:41.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://tramps-ike.gr/8i67uy4g']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ae-fc0c-4581-ba82-45fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:42.000Z",
"modified": "2016-03-16T13:03:42.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'tramps-ike.gr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ae-b180-4f2a-9b17-4adb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:42.000Z",
"modified": "2016-03-16T13:03:42.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.47.53.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959ae-f8cc-433b-937b-4b3d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:42.000Z",
"modified": "2016-03-16T13:03:42.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.silko.ir/k8j5h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959af-d23c-4e72-a0af-48d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:43.000Z",
"modified": "2016-03-16T13:03:43.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.silko.ir']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959af-60b0-4ab7-9a6f-4fb5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:43.000Z",
"modified": "2016-03-16T13:03:43.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'silko.ir']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959af-ae68-4926-ba66-4fa4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:43.000Z",
"modified": "2016-03-16T13:03:43.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.9.141.147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959b0-ba40-46eb-a685-4ecf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:44.000Z",
"modified": "2016-03-16T13:03:44.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://www.trasachthainguyen.com/0l9k7j6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959b0-371c-4e2e-99be-47cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:44.000Z",
"modified": "2016-03-16T13:03:44.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'www.trasachthainguyen.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e959b0-d1e8-4543-899b-476e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:03:44.000Z",
"modified": "2016-03-16T13:03:44.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.255.237.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:03:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95edd-961c-4f8a-a499-4883950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:49.000Z",
"modified": "2016-03-16T13:25:49.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADlrcEjENnYjyegBAABAAwAgABwAMjk2ZWMzNzU4M2VkMTc1NzE2ZmVkN2JlMWUyYmY1MTlVVAkAA91e6VbdXulWdXgLAAEEIQAAAAQhAAAAmPIXeGVtZBoi+MVKl8j0Qe8EF5mbYCm+JRq1mUmF/z3qTvQuejWDkwROqGVHSNlQke3BYdCRqMyGjuXVicL9+9xP9L9pdBMiQ+cMTbK1ic7m1Lzgf0VDlN+X4reQFlpHgDiveuVyrQDONq9HbIhjDvGs36+cKLghEGc0Zn+znJhk0hDR9CLF3fDIxPfofJnDWNj5WIZJTKqiiGz1ss9YjKiEK81Jy/Apl//FUx+3b3Tgakr6D80JFMXCHjlHEMr2sPJ0HO4jVu0xBCH27hNu4QqUozWU+6ELidkUTCon7CHPuqSmxVfvz6o3bvd6G2f/p7KRHGS0maLpR4TNqC1gh7+jadlHitZT8djVue5ppyIVf70CxjZwW0cKDntvoR5TwmNgsRmZs+3nsb1eb7TyfyPS3ustl71S684/Z7lQKoFotTl71zd3d/tSY96ipR6Un/Cw3z3ARMEZWpPpZHKlAS/ICXu3cUh/GdDL1epXp/43hYUu99GBFfCzssIEzRUjTwZ2fKkLtzYGc6/egia6R0QJmijwvUlLGgKbkxHc289d79yqcOYuCQ3EH0lt3oHSzMvoL16x3HR5TJEpVkthJ3pkBnMJvxz4K1hiqpuijgmyZj92N3SiicbLTgVwWZ8Hhdu9AUDnwKlxd/KxxfqlRhkdcpZkccOmwDmEDVB79KrQ9hjd0ufZ1zKUZohBclaFCZTP/c9c50NSV51EJHkUkP3YTUVIZhXc8Z/0goJbkLRjY8OYc+F2xP2xIEdFWWT4E1jm3JBo7XNzPt1kW0KKfW53U6vdSojrNNJmk3PWsh6cP1kEtVLZGd1YXshvyJ3ZAwqUtgn+c3C6se0cVGygQ60gK9Tqd8JGLFPQDtGTYJS6ikKIyT9OxWfIfHHtjIf/BV1gX+TB1xAhgGq0BrLko0vpcfRe5hovxbuKaX+iES97DDL5h9a383J7aMmZVHGHgeywGFzGgUutgDwjufA/nAHWUPpKvXrbd+KY5igKwxFMcr5fufXu7tbiiz8sHkbzMa7EmNUNMO+Bm2xnv0lFMijdxrhDaYjaA7HsQjz3pmz6/ZOVikBHh5jWxigj8AOoILJnCGTZrFxSl8jxliMPg6ecolQiHOpNYL6Rnrk/pXnVpbTF9fV0IVCt0zrppR1WqVbsuESE4ou62HykktRxBJrafQu2eEC08Re1ztm1Vtd0tkX5PW3w9in1asp0StoBsdg7Y93iW8KsS+qcDyixjk0EgLMEeGivXTUgkZkXTMkCTW4r5mtsarOy1VA5SmnsQJ6wNcKpRtnN/uyC1hC+1O5oPKXbUU9I9YmiClzQZMzkaxTdD53qdOuADlxhQa0uPqlLTO+GS4YX1w2/p6GShudwU0rZJlYejgYvjWNbV8INlRObHzdJzABXcYXKK82pxJhWL0JDsuPxeYj1R1dJ6gq05Wdz07KGn6XwQXmGdBo2z3rTJNc5X0DuhGj260Rl4HghLPeNGbirKkpRxgVODXvp+bpgiIQI4iUAhmZocfJaPyrIxL42wWZ8gM6CSpkPT425y82c01g55+nO0j3eY1snsbWkPZuqexO0uneH/GHL7bjiHd7rD1D8MN5qnA8KYbmBLuSXf5P8yZt2U85sFmgVSxoV5XI6/IvYZa22zy2DLPAx/j5rWX0pPrPw9Ci0ZdYimLtOT0iBKR6EGoTvPFCQTUY1khUWpatG3+ld6pm1/JgTDMwfSBu1O1EqqjRQGYm7hnl+3+mSCBrDfjH9I+96dgFPjB6VD8VrGnEB6FT6Z8qpJXs3vMulJM9q7Hz46Q3QXaZ/ZKZULkLKtYrudsF7Bkh5sOXGMP595WNAGC859WR/mumyT49n2g8Ts0/Grt/Or1s72zWhWaj0PSE2ulh64km13W7Q5zek/sgGaMCuZyOhnDN5Y+5MXf9xC6g2ws9HZXpODCNKn25kFZ//9iH8u1pPk8lseR6AE5DTYZrY7FBHuyJjo45mugqf6RAMeKIHJQ+tD46YL8m7V31CMhr/NEwLLA7uxSHC0bKhp87quOgQeqBxW/+qbPu+fX9A0fDrkBaUt3xjYZwph4bVy/G2UnSAFqvZX07662xR/1y9iyiE6cvLQE4Su8YBbenCI/XSmUyc2s6HZCqEpt+Tk/2o5pmYIsTXySnbaq9K91sTePRIVOOJqYJNGBEnZxIwk6ZU8NAQmtQ9Dm62Up+Mt7eCjW7M7IBhoXyhVIDxAI3YYr9qGN8lHhmcFzAWjmcrn3l8pyCbDTVKFanqbwlnlwmkKk9neAMlgpaLk3e9lfl/CLgAz2rCfEGjzaKpQG4OvA5YeMt0PzoGbO+R4Wl7o6fxtHOepmnBa7iIChjXkzMhKRsf7DpoR+EkeJEKsBaWdZ7n1S1X1rszy0VJ+JTuCpUqliAI87ddoyFnTUzlJ/FeUchySqpbqxtwo6yXwJss8wtREuBieiGmaYpdl3Q7SLYpls+cfg1/iSqpfMubIjV7Au919IrBUPlAkASwCTrNbQX6MZtQIN0ZRmLoGpdLlT/ODhHNCXPH9TZ4ILSat1PlVGeCPVtW2pwBYS8orokH10M8nLFskr9KW5K6sdo+yP9qFOMqgugPsLBYsJ1+XhVmE4o9awafgPy4t9ZVoxIh1eLcZ0mnhGGT2eDJDw/OCTEuzjuSUdCR3AeTCbFhfd19r6eEi2Xgj/cKIgxjjFz5hLobkCerB9JOIdvajCioVY1cr+omHqQsh+f8x2AkDM/3Qx1oraZlQyK2hFk6mNDo+WBxqkmA0Cz0y0QXCVm5u0YMticX7xBne5Hsl7siasa+TzGhdBs9MsoCcNaIW0qJBmXku+vAQNrjAMWus1jdrXTlQSo1FyvdXerdhS/HflhZ/XoO/Jky/cZJ4blxwc5rs0hUzgcJoW3LpqNMlc24oJu6pK6n1Xo9DVZO3xe5MJSU04TlFRytPamyGgo4kFZOCPqI81WhurRbGWIL8AHDTSjfqRi4IRyltm8Jmquwc2xCE9Tvg4H6dQOJaudVd/gPBptYwI77jCtq/OgZqiOQ8Pzkz02tJCy3um/3PtEJCIog4Hv7D4M/FvKoGlkjpyOoYJRdkzif0G4p2yxK1HoNhUsef1sD4ml52p2zzi3i0WzbHZN1O9AC465WKnMHHp9qu1vu7FBokNumubVrw1M6pAF5mEQqN7kdQ5qXEeBgWZPyzTNh6ra3UP+ipNS5/FZAsJfygULXe21/mReIZDgUGBCvoSMKyI27Ri0EnjR6n7Hw92FgzIB5h8CMhwhLwEuvSh40qp0/Rr0yBb3ZhxXMOmrDdlZhHxlxSGc8dVgKE9qsl7xC8iNHYOCGzWsDV6uAcKzcnVU0ODSiIHH6Lqh+k/roLiqK9Rmw7Np/Vi5Atbe+grJyoliwe+sJjI026cojudvR79lS0/0WIvSafeiL74EP6EvLy2zq5CEbDG7jQauNnhH+TicMB4x2pL/Cqnll5Vz9YWiK8BrYQHBQOhxECnqMVETIJsS/pHKIRYSWFXaqArwN6ZGZrbwrNRwPg/zpU9+yUJBCyZ7Jx9nogZWDvIW6qf8hlPhM7SDYt3H7yJ8GI3KkbLAv+u89nk6aQCQ4fxHhc+fcvQjsC7ENsf8j38Lf8sNJRYkDjmOwq4IXQ2b9LKhlcRq6nZ46F2As4T//ewwApBJ/MW9R0FsVuqi+IQf313uAgU8L+/dPhMHqeblCDJxWPIio/lN3XjP2Sl4hwomrT8lWx23BFJuUcNV+JPANFcNn+5Co2FG82Re7kMiqF7zJhGBWWFKBnvN9ZDjHyUyuEfGVLA6MFsPpm8PVZcYNFw606lgJlTGQim5ZeUnhdFREOIolR1kLviQMtOq5zkuYp5zfcnsJntKriU1YOLjU4QUEguuBMVxezCR5Z/K9GzU8Qr9HSAHR4Ia94cjuZgs6Xe/RUxRfA4
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ede-b7d4-4aee-b4f8-4789950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:50.000Z",
"modified": "2016-03-16T13:25:50.000Z",
"description": "Locky",
"pattern": "[file:name = '4ggh45yh45' AND file:hashes.SHA1 = '8156b52971c9907f2d232d105b6fcd1d53ffff91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ede-fba4-4ca9-9bff-4c8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:50.000Z",
"modified": "2016-03-16T13:25:50.000Z",
"description": "Locky",
"pattern": "[file:name = '4ggh45yh45' AND file:hashes.SHA256 = '55b5718aedf3aa9687f4d63c4d86cd7fac51b6e88887a569df1774d5039c7905']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95edf-1738-4237-be75-46fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:51.000Z",
"modified": "2016-03-16T13:25:51.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADprcEjutjOiJ+kBAABCAwAgABwAMGQ1YzM2MDVlY2VkODc2NzE2N2JiYzdlNWUwZDAzYzBVVAkAA99e6VbfXulWdXgLAAEEIQAAAAQhAAAAmPIXeGVtZBoi+MZh9rFjW4blcI1Bqwr9uhAvzEpfTt69W1M+2/JquYHeWROoqAl5hQv12/kQNsrl78PAy81Jvb33n0bhvq6lI3ByteTIHHlXPauSSBCi/ycGcKrV6p0FVJQNMGOeTUyQQBZVzwp9cAo8BcZBpfsu2bU6kQVR6RHXLzagUn/npaPgkqXoynXF89tzQI7OKufeFtM5qgwIP4ALCPxXh4m0yCnm67T8tBi+6mIkeRqcb7Nln+87akdZEfEngo9ESZ69Jj+9HHZ6IQ/18mlwyidf8NbTRmg5yUMx7f7XBUfWvWbNVYqIjcH2I9DfoxYNd0E5A5PSjyT8H+SA7LeD0UVkUOZ2HFt/OUcUy3WX0N4YxSPbIdT1jDHS7hj4d4Qg/k/O5hSlq4keR0aeU+0t9R/bRIwbRoSThO0qko5ALfCZHZfqPIbWFgIdy5PWFE70K/P8VyDtygeEqRruvqk+JIwfBw9mvJUSHLXEZb4MItWitgKmIG3YTsmL6/pHh3wLwxgg6mtx7npAcnWnWPcuO6B9fG+aCWDooDLaD2ln14zc4rHFxp+/a0ounIXJHBZ+8m+FOu5RL38I5FI9yCgbs/WAFnTH8QgMy0vkTCk8HRywGROv1aqU0VXjbg8BpanJ8rP+6u9BHRRWIdYbcORMLU1Gdtn25xNbBEbjima/vMkQh9gO1jzo52ehVNDl8/fKP2Wkinnop3S0riQZ3WNaWceXohoPtm9IWGA488k9N9cNmGYokv7oZg9CGTBGGXg1OKRgBEABhZi2ww/pgEKnit9CBW9b26Ol7cvygVYjkUNP0o9BjiUzgsBYw5bNc8tPdfWE1rsp5xMVQWB3t6Jmz1xrec5YhZ30d4wMwhE+Yevhx8MV6jbe3PRwwun8j91Ap4bMADLDj5n0RTVqnou90pLLYJk9tTZL94JS2sEaLg3TyjWTPuNVHvKUt+ErBXoR/uHE2ad+1MJRbI0m0F/iZwgpOfqLNiGAyvVtsTgYmOmGzH/TbrgqmRhmChyQYfhQh7cL9PyxzxutPQTbki7ZC6dBk90n/4Aq6P9eVIv6cQm/z1Jusn0mI5QKewkF//td0kWFkFObO9Cy5L84nvQEbWOuFXB8nxdW3YvfBMgG9r4haF+EGqeHC1AG1obgOuTCimdIR/rvTteME4tANl3sLZLBdTWIPPpcmiW+cWhuivCGbQru0blhSTuHBQsIozIoJd71X/u9wLt5NlIXdEoGVcOZ0HfhNg7AVKEiKrBeh0mr4NHGYP2nLI0qPlXwz7nQlZlOOzyT2l+Ndh4NORx7VdQL3YGVZKKzynGpIjiEskDe7ZLHXucARVHO+wvXg01HA6oeqvmzTxP3T5A0XKqfXk+owWgs8LDklvYhMgYL1zBGEV36P6YxaWCXdstbMQLEzeR1EAE1Xp6Odh6dtJjdDtx7P4+VFVo/cY7su7g6xYqPX6hlBYO44wxg6ALmA9o5y1S7bNR5W25k1cMQi9akw00GHwCJhbpQewOpyLzmVaOf2d2t3sz/6nArysxhMdpqdBbjZoHpot7sNxx+iHJr9DjadDggRLc2+Jk4TVtA9KGHlijmjHsYU8MnHeDweFfsc9KVVSZfJSrB9eNADo5QixEjT3ADlOSbmbfEniWTiXrO7AexZPfvfQff0idaSKwG4s0vhFrLthKUlmpqGnJLn3erDbkkNuDRBktYy1C4vJSeLPjzw44itNpyAqv9QQd0TShOcESOxr1KSNb06k1E0GLlyaEUW28xi6bM2EKf70nDw7EIyQrIKfYZzJBUDPmQ1On5t12D/dgR7u4Ry4VQScgqD129BPOTCUhSYCjRd1sfGP/HyCXFoCXIodhDv9FU95rdzeCq3aiJmcYHUuCc6xkq5sEV0fRL66Pj0OlIEEJeWRIrRmlEd/pyGkZk0dTauEcVmKfxxRFvWNwlvVYxU4R5ISRo1r6KbgFyBgmvFtXg15oabvGsyHZ+7AzDBxp+AMKO0yia+Zxcrzp3Nzplr4j2GRuV+zxrYKj9Lz0yz/bKx+v1eiKIMQZJ477LLiUCN20VPPufj7N7dcNh2IpQoGUNxKvcUtVYv6hW0AlXCx3AvP8xntAYN0qmlJBesQOJ5y7Zt19h6kUBzdNOXen6msNfWfg2Pb2wb1QU4MtXJ+w6uwEarGJHvtiMZvaSVXGt5rA7HH2B01R4r7YInN8FnCtp5AtMfFoQPbpOybOYmhCeKNbyO914JxMew0Kn7Y483H0yLKM4K+oWuJzK0Ut1mgNuf8f0byfRkA4UCY5MYu0XEHZgmi1SZ3E3W526P9RcUa5zcUbCC8H6aoQrSN3VJmf6yWLrmwkLb01l/G5nDYoRf55RVF/ZvjI7S1INtW2awStw1+8eQmsiwSGIlgQLXuJ26Ft9oaXkOMi1fnXOJRpBaZXDaqTgx8ImUx+kICa/hVHivXWdNnZlVPwnY0Gj4Wm7ArlBaLJM4fUtAtb/yptDs9UCs5P2zeErAo3hILtzEfLavBkU1DoH31fDkCoV548V2872gLtBrHuFjgunwHDEwdN5WV8p3tPVn7uahYOox+f+ffzJBNdYBNJ/toElIdKqxmteNzIUVoIydQGdnFR+V1AiDKxA11SY+00M1C5tBy0ng5Wmumb2Ca+lqZ9qpBb5Xj5REVB2SNOoxumfm1VwKwW6L5kqwSpo0ZsM1gU0ckngRbOoj1RYB7PnEd0woejFO/RhuXDGrlZ5cIDdRS++1ijE93I660GEn+jp53fWsQWz8kWzrosa7Aa+VahfuhsxTixjMeM+SMm7VO9KG3/GECTjIPNNf8lL4FPcb4FoMUbz3cnuWD/mmaIkmPJcZXf5nt7V8rrrnr3L3acxFRZC1RvPpDpk99yPeOZE03QIPST9tQ/FGFVj8mgZx0/2Fm5QJnHgt9ac65yKlf6OpnLw6XrkAVcLLGSPYjIknuiNVfzDWixIByGjE04EoNXuauiWDtWOz59jndPvrCjVzPPlRuJG8pWimKGfiU5//U/tu50MU15kBBo0/YD8Kwl06RGumV7kAw0rBvAz6b1SIB3K0Nk3msQ6o6VxeemecPcdr8ll6oC9pJQFZ5Qlrvk8QEZJeN0/XqVQHddAaJfgvKt1DFY99RWyScEblqk1jg9J8ZuZ5I4vO0cr9dscgoLjJCvHat7VDJFhfzXl+RykcEFt2qMFE+We5H4ZYIyQBbeaIToxpE9y+MMzUXRNJFTvRD2j02H2WxmAHAxUjhHG6+7qCgXp1UNVqqgRGplx92xIEFmh/XO/018qO7fKzJMuNHisx3OOl42eLa4CyMfL8aF8yUZGYVI4xHdSraSaZxwMgNAR1nvksVF6rMsRyoxMrOURnAkw/OYRbYbggf/mBpDMR5/gLaBIrDsBDCGVAbfrrtRCI6Im8PXwqmmXPmmuXKihR2KW2lyjU0DpJ8vnQFIFCQzf+Fv/kpZlL1BYRG8EOr1SGPQsha4eVDzY52qP3kkQZmiSUF56Xa7UT67+QfisS5yRpzeZlhkBfmBbMFktnGulczrc0SeHRJaUweLpIzdW9TT5yOYl17t7t1lj6LaVCMfSx1Ofbe+3jFukM/WME7dfXe79fNS78jqiGb8i4c3EnMzQcl6q6Fdrm8ot1LwmvlYbWOMdSqEqHKbmJL845CF3EBSsjiAGosGUYgHGLpeVtF1r4kn9axarGBYCIZuMf2uNZO+jYsGpF6ppA1YV7/7dEReBLwxu7czY5nYWaPS9l/eiMbI5Huo0dWkmbSM0iBKMQTuC4bZZLNV2SqLUaN7JmdS47CLU/acbBu3Ppjw2qmZSvrEXHImo79XS1UW2whkngpQZBMmtxhz8etAWz/F0L4DNEHDgL6RG/DYJkUor5zp9YSxyPKJtoPBhI3Hbv2zrFB9EtOjNrQ9bHVrqGQ1ZzA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee0-6afc-4f69-ae3d-47eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:52.000Z",
"modified": "2016-03-16T13:25:52.000Z",
"description": "Locky",
"pattern": "[file:name = '5h45hg4b' AND file:hashes.SHA1 = 'fffc697dd47c87c11be02cfaca6eded931ea061b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee0-71f0-4920-85cf-42ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:52.000Z",
"modified": "2016-03-16T13:25:52.000Z",
"description": "Locky",
"pattern": "[file:name = '5h45hg4b' AND file:hashes.SHA256 = '2edb43b30d9c9352247a692a795c82a949ae4b7870cda625de901943696b0f03']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee1-4ac0-4173-86ad-4520950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:53.000Z",
"modified": "2016-03-16T13:25:53.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADtrcEhpKC9kjeoBAABCAwAgABwANTA4ZjU3NzBmMTgwOThjYmU4YzE0ZWJiNjk2OTk4YWVVVAkAA+Fe6VbhXulWdXgLAAEEIQAAAAQhAAAAuzj+WrTkHdj17lJeg4y/BCfnabfyk8dhskeD8t6MdjpzQw//ieLEFz18XjKaxItTNOnbnylrA6QO/PKqRf+sT4EsZdTGysmicMFfazUPNybt7oyQqI/KbSXycAmchFmsNa73zKYsS5TTaw4UaF/ZLZv49WXvXUcOLbU34ECYdzChjAWNxaoJ259YT2iWihHcoQHSzQdN1FhwIJG43D0YPhcEHmyQvlHqO5Mrnda1Y3WJv0gVcIKv+C62Qwl2eo9LaAP7jR4E9lyBokBm5rRUZxe2Xp7z/buTOG6OkThG6Yp7Gwi0Yu1QCuTLejrGG0rj7piZeagPXOB5gFcECJ9rLd+L/d/BcaQJgfVSUC3OVNV20vCjtBQtk6VyP7kT9uZqCM2dTerB27a4hpjKXaRpI0wEqXqL517kesfvPYgg2hF+9BSCQoBj9R2oJLCsDPvtt4TB8vCPLVsyU3Pzi+EBQt/+0I8CSEUL0dO9uhSXahOJSJkCGe1DxKxr9IEY7JwNcYd6N07YstmowgRK58+BBfVLwLdZRKMWYS8u8lOhhsQQleQfTNGWVRDsMMuoSzdTzRor8dVvjfrE4cTgXl6la/Ux9ZOMqJOucxJbqUPDq5aIWu0dapx2ayyvNFXFPLekhjPv8DtdUkASPzPcrXHAcxCaKsjqlTIfLYqZZ7KZ10IXzu0BrO6itqXPGcU4Fhho8xB7+xeiA7XJxgrJKFZv5AjUj9o2ZqGHjq+A2FEwdmmOzN4j+KYDkuK89M2rBB6r4tQQfy3Q+e8zNir8qmanFyCulWKAatpQ0SoDHDiO1UkoUzdaRrvCRgT1MbZlCAkZpQZlx0z7gAibfpwoPewbv7se530WMBNnbCkzmhCcVowntIOzx+v2vBE72MRfO2pd0jVTibTZn7N9iLQ3rav9krVQsYDc53gQTx8cDY5Koi93xQH/onmVwwZ+4YOaRRp8O8+xwpHHE7qwb629s0LZxvJfHG6ReN6ATCNIMcnHlNankj7uggeXt0Ea0iZEeRm8Qj1lKm8+ZuwfTH4p1DoYc3yEmKDhjzjV+I9eVjNlP10t3aZS2kJniqqfy1AXm6ITyfInyCfF6oIhp4HnyaJw7aT41a0nRWGouIrMDV/uyoCg03Fh7tzTkKvsvtquu4vhFksfTf13gZPLF3HuQL4vHjyliPutZ6Oo3yZhlMm7FOF5rU3ZFsYrynMJ36yQ8R5b3QmcKP7f3AhYWtr1ROey+yJTFYjgt5IoWVAjxrE6fcUoELz5z6CQNg+qZMIdHPNQrIm2RveWn79E59HsUgBkYxSkw7obokRG7cd5KJ45uV/CeaKp/PLdk9ta97MJhGWkDuEtk7wHxh+3kyA5DDadoqAytjWTUMALV0jhAoSJMQBC3+00jCv0bCCJOnwBvQ4pWwtVqkAS5ndz2joMZmIpE87DAqsOcpx7rJfJl5J6SO/U5zaWeXDU4DTTuqBw0LIv+iDiIZDJusW0s+1c1DO0PS6FGEGPKa2AQqqs9/FxSyOnho8u7vnkjxuTeAsNPhcdCtaOKggokehJg1fBTPf3Eho/dLePCJu/tb6oJ3SCxDH38WmHRZ4l1veqtgcPKYqrpPhmOHIuCBMYp/gfcAhKAoTIBbCVB0o9Cdzw9DJHcbvwIusmCYW6UhZnYFHSxe0mnarOGdzgwQZ4yRfl6idK05lejDt0F74S/HlEZtGQehOEfRCezN/i0KX/GZpz5ITe3GN4+DRN7oHrAqqHGyHk6ezCTqImylXQuLNQvgkCc6X7AK8FB4rnHNfdcQ8ENQ2t9FAsah4XrY/grH1f2Cc8ytGS8F3i23Ovt+X9HQyUvTQJDV4QQ2AyaoMz+p8khfKN2PtaRufLKFRtlzGL24Yxunpuhtws9OcTr6u7EgtcgBIbYTjnmoecc4sfXBoh/AZ+yt3N6/83e9cipuEVxyQSppCGR3Mglql9eW/yuF5QjIIBxWvbOAyIRoKeliysjpEagcHRUnB7XyuyJ6SpFI1RPFfKFSYatZp6USjBJEjexs1Cog30K29ANfD7sjji1/xFGdM4dzTBdVKxRSVtIBkdviWTuTJXqlmY+PCkWSlm5RuE2Cs9T7oP3e5kxeRKffnBzANsbSksR+cyoTDjnWeRlpPw7ARwgPvB0zrcwSgV3+kSGMIzTyU9W3FNaxn+QKfGCahcfHm3LAovbcq2W+P1vUTZrCrxljYXwK3KgpTI5fqPS3jwzR1/YwSLr+FCGi027R2Q74A4etxpy7l455KcZIc4KmedzXnf/l8Ul1ZeYdcbiaffbl8LG0GCQ07hk9x151ZMe5d8AjYkctrRuJT5w+kFAacQT4feXjcvjcCcG5+ud+CjjM1KtkCmO8h+5+oULWHL0VQZmwQx71hwLhzt45PpS1wvHGpQaNm3n2z0rC5qeJ4leGaEmuzoimPeUD46ft62X+fEfFYpNr53WYmSguc3q6iU8qar5r9a9VgUqaQmUFQzLRWxUoD25nRjMi8XFJFvn8tvZYcI29XSPBdwYNbkjermEDxX3gDdD4R2x/n9+yAXQV1RpdpZQxD0Bmy2Ebg5LW//4h5LJWk3nqW7qXrHDfJOOWgXIpvaY3MnOtyNsHZuZ13uNdD4JDhxqe9goYnkQ15AsrXgEmU9lNGwK2dCQ4jIXr22Nenjol+8i8iljD5+m/zoWhbTXryciIGwtvL+82Tds+kf8qFsldf9O5CF2kHu56xyMuu/SjeYWrzqvEnP2VRIsYqopWuE/JpqQvSpr9JPei/BUfNL3X2wWiRSceojs+xDTo09RqZmVwN7I7OBq3S0kuXOwz5dxFeY8Fe7ItH0HmISgRapWT5oNu2DV0vdbCTUFeLnNlf+DddtgzFUMmq8L8DhgsxPvuEH2kQPPibjGjZ1/m4evyGSsYkiR1sUFp9mh/ZUJCyQA9BbbM3Yt97PL8i3n0YCXl7uRB7KlzSdRMFVxZWetTLs5+EIIAEB+qm/m35S72HC529kxcwUnYpZmZ5qR6nTD4q4K8t1bJOEBZn5h+USt3uHVle//eOqF+Gb5xlhf3hMbpROmfrE9ZGQ4mEWS2CZ6jntBj79GZ8UiLREGJnyhIvA5P7HdbkrL/JqdLRC9/f6A9EYFiMahVTe1xpYhr48fuF7pwnvgMVtVi50YUamKuHGggvUjR5CCOr7VzSBxx2GC7EQ5t33JexaktlXtyQS5BEf/iluZCBk1ZKDDmAy6tU3KOwIea17FSnddg+tAW8QUoDjyKlxBCOzrwXIn6pPUSXfM6zZ2wEUY7PTmjvEo+91q0mI75Fmsy3qpBwVNyKnJpD1jju0+4Sq14rCLaoSLeGZmy+NU2FypVWixn1vMWFW1iMSUC0Jkl/xqFL7NQZax1rD9Txn3f2yB8jkWAbUkgYFWAN9k/UDIAmRoGB/50hXXgSGiya0pitYGS+oWqlIC8ND0FMEEu8SPiOWtIMpYgYJzfIEFoINNiW4KfE2xrV2HP59PGFLTNZE4dZlT9kskB083H6MYUWEr9zAmj6cP1HE/UI1R5+vHkbcNfJxklueddapz/JxREYKL2gsaSjJ+icEpypLjHxgq/l/iII0xksHH1hTGHVDoOpAGkKAWZG5D8hGyufWkoEEMoBOJekjylD+JT/CWFYiXO/SXcvQk/m8F0HWkVrGviLUkt/0JZpFkRwUIreMu0WasFI4/KOT/FbVZ+Pd0peJ4c3VyrnWKV9c8wXX+HNw4xxFdSE+EQtQ2ZMYMRirtVT/a48BZp/UxqCcKza6RySbXxsblYpvNVX2AHuhqZLVbFmEecpG6mrDVEaLyWDmWJ4GyZQ1C3fxB1vdLansb6y8CLJAXw+rxk7LTjvosBIVat5NaMq15fqwnXEhm8u8W4bee0giYcHcRIpCDZ5Nev4e/cVk3XuBJtp8iHLZpxpHl2ahOi
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee1-57fc-4af6-bdc4-4083950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:53.000Z",
"modified": "2016-03-16T13:25:53.000Z",
"description": "Locky",
"pattern": "[file:name = '8i5ju4g34' AND file:hashes.SHA1 = 'c235b00c79bfe183ba80c6564d5ab7482961e0a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee2-0ecc-4663-a0e8-49fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:54.000Z",
"modified": "2016-03-16T13:25:54.000Z",
"description": "Locky",
"pattern": "[file:name = '8i5ju4g34' AND file:hashes.SHA256 = 'ab735a10e8ba52b7247c3faf9a49b01ce81ab9ae9339eb8915ddd71d48aaa9fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee3-de40-40f9-b60b-43a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:55.000Z",
"modified": "2016-03-16T13:25:55.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIADxrcEifb9ZId+gBAABAAwAgABwAOGQ1Nzk0M2EyNzc4MzA1NDRmYzcyMDRhMDkxMmQ5MzdVVAkAA+Ne6VbjXulWdXgLAAEEIQAAAAQhAAAAuzj+WrTkHdj17lVC5cvo5toQM29RKJzjlOAEg8TG/Y/QSidWd0slFYuvnNiD4kMuKvCSQ7XZ77vULYuR2Ke1oNWwmTJDFmqg9g2LaKZtmIqYei0oo8Z4ycRMpp6B7jgO5v+fAGaC+7qqDpMRr4qvZBj8kaau/9cLliTufynnf6bwjsGf76wE+gWQ1956lZOdcup60XrVs+jSf74MJSzw/Ik4hsYAbka+OE4TwKNCUANPUMxANdxoiHFKSNvgjlZbo0y9CYXyOHpG3asyPU3k0re9ctVs5FNxaEqNwtXrPor3WoQNvecikpry1iEjDXNr/Yaya6hFlH/lGmxbyjRuo3h21oT5h+QixJ6IHuOIUk1wFEiwEwK/585l6/UhJ7GTXNaDeB2Rp6s+YQKe2AsPuSWfPYE3lyLcXkTnFA3SrXpIrFohTYClbKTRAjVXRWLtrTkr/ieIy9ygzH+Z5Q34dADeKUzeQWdRrRHmJEhVRcfNV0dRYrIuKbpgt7RfGNru2Gz5P0Qsb69yYfm58pV1VnC9ExKct7cFFK5NsKXQDD1Iw6afUDlPqJJ71CK2mqaiOLNtJI3yWhDmWgkv+anYgj79yUrRZMmdCtyKJmivhMG4iifHIP/t2rju2tjf7AFX0TXkyNsVpI3uFa6cePbcuTYRe9gVouC2z5uAR/IBLK2VDsw4/Uo2Yo5H6FS7C5tNd4g+g6vUVEMLkg/lY6UjilPJKs1W+L8pDMabaVyulzJmQdF1E8UjaJUW2o49YBKG6wuze2ajDzas9yFeCkduyf63Bv7sdmk3z/KZAXUilztjRH8+GcDVk7Xj3Zz/LrXd2Vmuqfu9tsAKkiHEqWz/hRLohRZbnzsu/fBUTxNx9CZNAXhApFJxCkYNVFuTvQFVbMgDjPceEHLUaPt7EgMkzPnvLJOnLtwkzEFg/A6GwxMoNiOvYaiZNkVVJGel0/YwzmiPAtGyGwZa/2P8wTztJ3PI5IEYgtxpJmgSWbNeeVy+tXPRK80J64Y05GL0ARivqARg6FXaggke/xDUf1WkIQsOBi0W+xuMsyK8DXKr5lnA/oAvpqRSwb4kjrsL9kexZHZR29u/yUeKS35mudgdHuYH2FnKkyGj95JdpP1aJHmvKASItAhvgDpQFnE0YwTkgxp2hWyxoIYMyAIEa2to77k0Ye/9vEhLPWzc21uZ1P4GFRr59qZ0o8F/lI9YchgS9KqrlYzoZeFu7aF2SOBdE1f8SXAIGgTwIb4ij1qNdPYQ2EQRtSaYM2yxr9euiUvehtBeUAXKmJZJW6BPtf70QW8CxwAk8z51z7AQfbp+Nv3he5LbLMDfPu1j41QdQhv1vHfi8khCgDbjkAwiWV6yT+AKeCv/zA3TyDguXTnEBjYAfaM/YPfWWD1Rjll992maOWMoWC/MCc6MX39P/VoSKWuWklz01M7LvdndCGsh3Ec1RSVlf+TotmL/CYMJqjK+5UMuZ5wfa/fzKiOEBxsNnu0XH1ySxjrtqr28s3/LB4NmAKCoLvu6RQBky7krrZccAf5p1reweZP1YHftGH5hOPdqC9OaExoScobWRIIASWYXaVo+gOsSRsn4otQ9+sMIjD3NQlIs3xjvWiQ1Z8LKItH6EBsIMjA3BX6fjpBcgcFKU4IDaosXAV/P67MGZOk9nWEYBgRu8njPEX5+3yK1A1oqRjSoU2qb86+UKnJ858W1m40bglUm2qgY5erZVCquXLutdvzXwA+PUuFgpNliPa1zf9G30FxQP9kl/KLjq+CNaXNJ3n+qqdCLbUJZzfcycFbOS9UQkY7YEE2kA/7IpqGRE4fdFa+pRzGrQ634Qx5m4QN60s2ZTWbH+iotH/h5QtSq6QL2IboLgLb5rtib2116UvyPMnC2g2Pe75YVi4glwGZxEhxWjk74hdZfvdOAJPOWn8eqeSZCRmwH2ifXrrxdi2C3vqhh6nEuZwJiTMvNBDwFoObhXxcYtD/zqSpmJA39E4BB2tvRdjvxKmoLsBxj4CA5AM3WO8XTiD4DZ8LqmwJeW2H3VpEOnCt5I2tZThHQ5+GlMe7cgHBwwB5klmRVnnL2lWONmHNX4XVBlcxL0tChgW57aMOvHLaWPw80uIzgsLOJhtLDjtLXzm36LZbH2KKxS0g84P8ntnxf78qRTNAHlM9oUy9Ngn29OPqGCruFkPkBJInoSD1/8YSHZXleCKAIH8ubc349jYoqo60GHOKErzoSb0yD0OmUrxg6fnvI/mxFWjf/iYQfs+lP9WjNrjrM6IdvRnw/C2mkNHkaOBRME+DzjxalD/E6bKGK7etr7moiTi+r0zlyLaHmzWwMvaY5NZJqgjW4FuUeLx2o5XEhgD+s2DFpVhXdugg5XwQteruH6A/HREwPxIwicjdXbzFpj7K5Qhy1KECS1oiDlP1/lSrTkqIz+Q25wixrKC9Phv9bCj7plNZ29dil0qrwtTastJHcp4IhsmJMrRugKrV1A4thZkBdkw7XRp7IY6VqrH5d/groa3gOzL+utH/FS657t0NWoyxZigi/ZCRwpwkleE11zlxLkjgpBya3/Z7HDNhgEIzHezf1xh8VuWGgjHI45d0VaKP2dAYwYsXpfgTsn4yjDqhyUHiJ6olAsD/Xs3gi5jH2Wm3fXxQu7g8meShp+DT5A6pwag94whbbXDYya87UfRmtT0aFHNDTg937tawKDAlozYaaKDaUHhLrSWsrnzgK4zwNH7PvlWpEephC12aufuhbYIkuSLLXY4/BOY8C07rXHtbDJhyTjJLzk6Dd+T5goesd75tjELpyxuCNm6J2xDCxzrAe1tG2ypcoum33FUCupMTZy2632mZXPlintq0PGOJJXP7LpRt9otTQ8EMV9TP4haDMbzu/EAVLE2YncWPKm0ltNb4jgVjoTV/hwdK3mW6WGN5DrFeUe8ZT6J+J61KchOAPcinScDw9IMzHwk+fyX9usMGdozBLuHoM9XAELEymJo8um/7LMxh7ljlDXGvOeC1FjLEmFY+As0t+rNh+sD3i/za1QHoTkoyaV0/drDxGBMsteensZ8Rt4dM9LOfkDJYbX6uoLXdrSrpUedSi9G01kCCh/zCr6Wp8toVRYBQsov29eYQcDZ0z1//K08z+2XEPC5N1JLZtaHyzhpfRqpUOMKcAWyYXK9YECpm8/s7PyWCbYQLcCMZEcoZUHKIr4wjP7kxFQI2SZAgNrhzUHRJpx6Nld7TkSZDvKFOt3d4uzcM13q7FJVUQuXNhaq+JHvYzi9vZM0kKIur5zqucm8MPP3XIsP8BSac9aPUWsWnHG1YGdx2t13y0hBov9cZryLAdeRm5wDeZpQ5xnKWbAB7XpcMDknNfdlPBz5fqtXnV4YmHUTn4AWowgwmO1G1swXa/9wwKE6g0XtEq6YmJ3DTKXW4AYPR4sXd0j7cjLhAZNxutTtHKBDt5Z1gd9ucoNH1UFYC/25gE3mQcj0unfmGRTKGYt+PnesvbbkoHLPO3WK1saq4cQ9iv41wAHhejEMrdAEY+pykqpOmwnhTUYhrzKVWxLthy8TvWzRA9/nZWB7Cog767Y1NK9xm0zd4xvtUfMrE+tVyWviOJQWDGSX4kJGKfSA78CyEzgbuYfIm5tk94yC5xqEJ8/5pSQnqDUzO2sQb3P8jW7OCwoaQ3NSmubwVQ1sW5LQzS+tOIlvJrLpab1Mwc43CIGn8GVAcJtmOPFCj1V5Hoeq8RWOCiQj0kMN1VbwUC1XmHR7Ax23mlU5HLD7oU6krCMDR+moQ3w4iqymKFV/t2055p8FGqitNTIJbchxPpGyh8x1bm2dNjxu4daCdTcd8zKYTr+JoV3rzAlc2UYUppixUBw29AolgvI2Y8rTVNFXGdOIixE/8bkO6GPhw5tgm2ujnOHcj75/M8hO+HL5zdS5d1oYZoZo
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee3-970c-443b-8bf6-48ba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:55.000Z",
"modified": "2016-03-16T13:25:55.000Z",
"description": "Locky",
"pattern": "[file:name = '8y7hybigv' AND file:hashes.SHA1 = '38545700ce80b517f103b91cc1de905c507d02d5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee4-8894-41fa-b296-4773950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:56.000Z",
"modified": "2016-03-16T13:25:56.000Z",
"description": "Locky",
"pattern": "[file:name = '8y7hybigv' AND file:hashes.SHA256 = '6f1efb635b8719941c1df5ef5ace79910978449b705e1f78bd71db5821d9fd8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee5-7af4-4de2-95a8-42bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:57.000Z",
"modified": "2016-03-16T13:25:57.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAD1rcEi1xTjCyuoBAABCAwAgABwAZmRkN2M0ZWFlOWZmMmI3MmI1OTVmOTEwNjBkZWE4ZTlVVAkAA+Ve6VblXulWdXgLAAEEIQAAAAQhAAAAuzj+WrTkHdj17lTxb29+arBLpr0HMQ8pFsVTTYcEGyuMDvpYMsmsIEOOa2PrW4DSb+nh85npN70xoiKL7NsmK+zTWlskwfzRD2gVvUGxIsq9TUIKQpCtrP2Sco7tXLT70pfs3TOsmgFt0NyEODhAvF4lf45hp0WDWW6HY+qrYIj/Sk/11+HmstBEKifUcWlzHNEB7MyJsMvs3KeGatFii+K2b3OQg0/xon/1mK1p7O9KrZP3Ea4/Ab/N7tMqtyFIHs7FZoX51evAqDpAK47ozi1GiAlwXhXC2NPAf/xDxCw8ZYbs/Oe+47wpvqLpkgNgmaVad1WvwTdrQh9UkEyQ51Bpd+6LnacME6MOro0BhTGpOF2naVJpkmSVfDAa/KZtJLckMp0LEOUm9kiQjr5NsRijWI0SxuuRTKsFGjXE6KXNTnjsAGK6xknShQZtFM/PTzcTAV+oTP4kKLA6GAQqEhr9RbZ/uHbZpZjl2yiffk0rAZfRQ/nv+/5mFagg/AFqvr7apbpank6qmCcYuNrzXVPnj7hBAtah8pJAYqNwPuyQzzJuX380oW2/mRODqzbGYruP2LDb4p09SBk3RqsbtfYK8Qa1pFMowUuOXmDYeJSGoStbVr5DZ4RaWllKq5+GCzbiXM6tXKBKGPZoTcRlLT8x+F8eK617ZS0YGSW5voCFxzorqdzRKENviu4lOPU4SbrqMnkC3thTf1X8tmHL2S6z7AYiuWogubajMlMdeAnAbkyJlSAwEUHCbGk30fJWSiL+JJ/O/v7OUBiU+OtHz5KIGN7H01t7vOJKH/u06xawe44d8+WKFBdPa0plIoOC2VuYOou2qSdkqZIzZtQec1WCRlGlsqsnMClik00mchKS4MP4bnn01kX9izt+Ib6XIq/FYx5iGmMhFZDJtUaAJ4jzjZmSHmCXNW9odzlM5EAXuu4Y3rxG1PMUdPnFBaWIQ04LytK0uMbiZmezmKyVEt27daCCH9SbrMFa7h9XRleGx3mfpKd0BKQJgLVB+nN5MyDgzpa8bME/T9JU0xWAP3vb7yTNpO6JTwbJQSIfZJa5WSePlrU7RA2NLEcwXzKJYgRjYyT4x0yU2n4O+yYPyilHJ382O3j7A8DRlZuvgJKPDJDmPHEZvfwPjs45HeOXc0u2JCxqhdSHzIjRSP03zGDYeRPvmTLGs4KQtZl+N2MpK7jKQgYIDj8dsSAQBtEbrICVACpllEE6DtMcJ/9vosK8HKAX28F/jrWozogkM4Ef08xG3dmTRXLqNspAE5xoGQT7uoQiitk36Ey9m63btuA5luoc6vUSsEkS1UrMbCH2tIna6bA+hF8OInCNptZawqDYAlTzn3PXqhbeRpNka9oeAYTIlPvKup7S+aUzuXW2Vf7DaYbPZeFAAaf2ZT5+fezpE7Z8pMKF7alHzwCZCbYZsodYVlZdRsKJY6OpQIb9roCEux8EwMIaqp30GNb0H29w3Ds63bMhTA+8Wmt6LW4gjDMFwsL6F8ee4G53zRVQwZAs81ipjjR3vt6tAHvwc3uzDrPgQMnuFiad/ObHYF5uOad39Zau1M4N7Ias3xKoioWVPMciimxrn/cEkljo2c/G8BXsaOhMo/uigF7PUfH7Jqcx+srvWkC5KBZAaT9/Bv85tXvHo9v2KR97KXvYLIFumlHGK8t8U3zdfOv2L16XyX43+mYdzO+gOrtlI6doB+VU6yocwH/5VFvjYjGsX366QjNlTUKEdCe99fsTn+xq81y4xcRCTSbLfn1y60xQSQwIu4ErzNZn9kh0B1WurPwHJRIuQbg3em4vt6p5YWnZ+QJjutvS9MRu+FexN7yi+DNEI8KrT4QrcLhuHHncqxVmFpe4QaWY2acxeOw0RifxUsAv25v3DmsaZScWU8g49yG8QZy3UFZOA7RAj0v9V3YZzEv5QmLHRHrmv3/FvllT4JXogs3RHK8ltPYg5tVkGqJKNt4x1f75IzQsS9x1gmN6bhIzsI11KXF8dojQk3SfW9pihqRn6Ia2mWhPZitMZ7n3Z9WTTPpWiMXAKpqhBfBd5lOZIH77oRWx3ZrNZnj6s/EEJGdeXs5F8EpkoeWEO5zLSTZ0EIvAkyB85Q7IfDIi2K5USSmbvbvdPSS43uFnXecfQZWAzqFLQaxg/PARR/4OfwHSyFGlym0rNDEUB0FwOp8K8mXVQVb726/2QKVcPWQavxuvGLoVA9gafiEzQbYClY8fZJn+8cibY7tCQQde9SI8ph9REXfPicbr+S3BSAfmIK3cS4D3Poc6cndZkxp9XuuHGCYfVSfEhSCeNZv7sZ8faCEiJ5rEJpxY+ItPy7N0s5qa4Va0QtY2ZjjDSBXZmJtakbrIaId0k1zEPTUuvlAtpvzrwZqnwuzEXo+P3zFL7KNHgqpsS1uxCFI6m8Bo9ySDRxsxf2xh8j6hKiY7GGTURxmumscs+GFMbHJWj6xH3Fbt+spUgG4kH6wFCOuKSIh1L1QzOSpSkIDAbzDbHQyuGYOPsbE6C4PtbZwznPnRl6FgK/Bt9vHFBEndySasUm/BDqSSnk9Ou0R2Ev15WUrtDXGnueWDQRs1cinioI8DbF+Ygqk+TBlha+pxE0ihFX6rfnjk2LnCazKdKpPG2PjSeIeif2qqjPOdVRIgLw8MVyYszAl8POsFS/jCenSrVwAMkyybqjmkYaWzzUr9tFDyOMBVhtHojE09gKkQX/D4rXL4kHHnRqoiWqUhIMaYWSGKvrzF0VmqEmJcvOWvEXjkY6RrYTeJmBtN9kcajfbMGytwZ8xH8JV6AUhQzqk6aofVJ2u/mG7fTAMAvlUhSN55Yw5Ay9j9q09yhnBeaA33kuPPWk0QumM33TexJzlBABE9VBCMUQauRj8d3fgxLthat8mlKFhWr0pvjcxel8OOcffzPFuwp1owtxHUWn5EtAQ0NXKW3qNPIRBYYmULCvzUdywDtcRJf7U5Am7u0IDrAqzgxj4RIY3D9h72UksbmSnzRK5wPl/BOTZUj7PGTGvRu/ycHR4Uaw9P2M6B+pvuIbr4c6NtrHbTyLjLE0/4HsvUwFpT2isaKbHs5G30n8XmK+45PyaLnrGuSOc64ZarQwlKp6IfglMPx7ufD4yY/jyLCNWhshs5XuSfy4GAMi78FEKH7UMcZw4io7HXA8YI9rAwCueMBHiTlScBMRQVxKDbGeDZ/5gPUtMN3noJcmBE5D5riuTTcX4oaNQyY0MnhNAb4JqMRTeA6yhDnoOsWVqxwtQOhhOskejI8hPpQOLAs4bVIAnfIhsE2xyxOE937zHGWykQj3s2Jbmt0zgmHqtJnAaH9vcUc/lj0x6BoDlLnerATvFiyb3SELwY37+AD8CWNHRtFGE4I4Kr3t2HBKHHH5vgBIqsS/taA7s5QX1EInDOYxCWeliPmcUgzOtcg42CL2B6rPvDciTnc6yfFS9LssAnbalsMUN3GRHCD0S/9+TZCvMxfz56AwC248CgTHGJ+EIXo5fwdIIGld9CjE6dvbCdFB8WH9aRjCoPiYYkn+0e945rGm5sUyOJokB+QlQy64f+E1RKBz4XXMol26mt3TlERP3zvz47274QOyOHC9kxDQO+jNpU3b5z8HpV4tkI705XNidmCP4HFEyaIv1Jx7g/VkKOhJb256H5IgJ6X53OD1ZIKrM6HQjQxYiQB04fBNvZWfciszS27FiuzFVpOYpcH0hI0brDd0BgCN61OaiObFwvM4Bpbd6YAWEVJpLmEjJCEgojMmqG04ewSQ/UgB75wO3SsaiuWQDl7SqnAXuNx8ILl5h8vOCW0xG8GdAl2U0QiJcgya+dkyF0az/RFidxfZFNGPcjPZ8Yn3BzFvkpcW9TDb4d1j+slutFUWrPbkAfsjchovRa9jfSixE6sMKxgnCmpJrsJKkZ26ToJ8utzv
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee5-efcc-4d15-95ef-492f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:57.000Z",
"modified": "2016-03-16T13:25:57.000Z",
"description": "Locky",
"pattern": "[file:name = '9oi654gh3' AND file:hashes.SHA1 = '7cdeb0d1532fe76ac549e408b591ae2597f4e339']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee6-88a8-4278-bdb4-47d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:58.000Z",
"modified": "2016-03-16T13:25:58.000Z",
"description": "Locky",
"pattern": "[file:name = '9oi654gh3' AND file:hashes.SHA256 = '789b749ba806319c37ccf914553b09e0a1f2d1722662a3e3e3ff6cec3f614789']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee7-8f78-47d6-8104-445b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:59.000Z",
"modified": "2016-03-16T13:25:59.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAEBrcEhcSON+KuoBAABCAwAgABwANjQ2MDFkYTRmOTQwZDRmNDE3M2E4ZmJmMjc0MjA2NWZVVAkAA+de6VbnXulWdXgLAAEEIQAAAAQhAAAAuzj+WrTkHdj17ik73ZxTK4Vg2LYsdk+yav0tRwNGfe4VPdu/U2iujTqwDw4bABOow4ovWuGHuewLR8Qy4N73I83moF8kaWNUmXYZQjD3ntK8OlNf8g2JUfgqhBw2eOme0PtQ4B0dh6AIYfTwBiLPxu5h06v4em9w+vgvLT9OF2+5yoBkcKT1WD41vu9JkorVOjjzDjJXR9AVSLC3n+w+3tYEPXl3AKTDM3nyuNuk/OzGbiJORAg0uRjbtbw/d14fGYsjb+uS5wzJ088P/i2R/E15p0JzreBAkwTzh+BF2Ykp90B8SZrVtUihFb7ihnHBD/F5OTSaf00C1LFljP/sDqm3L2HdH6JbCB6q2HMOKhlobTOFf7k9vs/ZYUQSMA5N+63XU3MgNLcg+wU1NuGsQrpBwIJYanMEv8BvATFrP6HdD04lMXN89lT8ei6WRqsIm5nQ5QRtHdFsFuh5cGAoLVt7s4HhgFzBOiazfEDMLcpoB5f7PG2Ow3ym1eOFBRl5hhd/XeSHDVhe7ZsHIV07+KiYHhbWztkklY2aX+bu7HHOUYYvdIVoaINsjVE3E/ATAJwWFeWlg/8Oq1xWZSz4Y5PW1IqAz94voVJjUC/rh49UprboIIhBdtIlbPvD1Jgg/sp5a2F7zbUWzdFpjUfeLwRiix9h0uLPb3c0gSWV23Sb9Xm+OkXI18Kw1lSFJhaUs8zGT1dhEDfJuy/z4JeUpJBCr6q5bxjDHRg/tnEpyrY5XsvD/yFYjr1Y7m9SoVA+MEPEkP9WiIUQVtz5kZC2aJ4YiPcwrVohwUV6nnS8QjynUv3hGZ59m+w/p+vZWhnIPy7iCtVn32HlnJBK21wTm3VqNG5AYjjPNJP2dvMKfWP1GtJ94qpsAwhM4XbAzhPl02nSrlOOKYbKeLuK0ddL8fryoH6bvlDLgEwPhy6FQSEm9urksIDe6uRa1n0bmTMt6lR6aKvwnsHWxfa8xlbxTWwWIrkxRPSGyY8Ony5LyW4EdvlR59qGM1UzaiXl7Fv4M4zPJXGjoldBB5IOFJfj6sygAcLh3Jx7fxRy6+UicfXBKqwWOmG3rJdTF/TYmYBILQRZVuynZ8xLGMJklwoH1Xu2KOZe1ew9NNb74EJqD15TNreSj+a5pBLjynG6WdyiJWwN3p0+BwLUN6Salk6X9hWl45jdmq2no1bxPmzXi0FwBkdiQJhHNIU4h/U4yvLNWtMCaD0P/2lmEOWUInnfAAGShhxYPz3wUvcbTsTPBSUrtzq7CsyOt4N4sp4Tr6c/R5fxlo0/yYTSzOVurToctKNqfUjsxgU+JMFpGBQ9DeOVg5TygM7QIuDzi23neA72kMnCksq5fqBCbJ0ScZ2nb7Yg4Hj8Rl9805qACGanxzTd2KissBhKQym42gC8aMNXwks49apJNXi/hslPE3q5UDgiiJLyvELN9c+r8vruyZF5dWHU9HJbGsgMM24KRUdyBk1KdLTPJtI0MZr31R1388vRr+3trG70RbM9s2GsxX/XVINK+g4/CYkemB3dQNjDkaUazPQCgmfzG0vaB3Tavq36Dnu4TNE2ktwl1PDOZgkWIZyGTK95OlGhH9edKel48cGE+clPEAHH8vkruhnUncZ4zjO62WbRGNXpXxlc90xZMz3jrmjc6BBVNcL0zk2sLjAJNW9ev8xzBeGjKQOFWQ987jJrknq4J/ELfxLuT7yu7Wb1RU8T1XUh1EqRmh/dd7H6EmpMFvQrF9u4ZBm1HlCYwhfTjEFTHzdZkwyLmzh8A6Dyepz0kFBQUaxgSeXqzgZLjk8QEtB9/hT6FDaEws5GNNeuw1GK8niAu7ZHaJs66DCrUGaXtGpykhyGWQXBQxVhxFLUbEDph/WyTDr+iWLcAsLDFeNo+5TsA2e49+aGdB+HqN7qBkPUUm+uNyapLWNveYT308IVzK/hgcgGqI8RCB2e6YZn8mz0f3ZvcfaPm8w1kbaEC+306AUYF5gRu9wCcJS41+Z/TNZo2Re4dwfJQ5HO+gUP1Qjq/aObKN9eHHng3cX2veLfmuVejW7JYhhNlFzIm5nW94QgQ173habrkZrgzmGT2AUXa1w/Hck4WIDGF2hlW7bqQeTuCjxoVzYgmrV+736y/SiDn++C8dWaNQodgqf8non+YNxUki8qtXM2SkoPiT8befpCD+vzY0xDb9eiTneOOUxFoyYMsYIiDB3NNcyTA7ie7S3YIiS2oTCL5HIpBfNLBDjx/ZPWxiaaI7lfDTnMjKmQZtv3Bpf+y1YZIOhZ6lqJx+gnuTr/bchEiuUs3IX3+uHtc7VNTiKuGOu76FujRfyXPL5nr21ZieouLNSe4mxuE7WJujv5uFYFWaR7wxNs11xj/JZ/JuyTxX5tYVKjPDe3jYCl1ZHgRzc92FYMD09OqmzEYG3UzHhqopOuSgnd7P2NPXSdvvWATmd9BJOwzoQNtu3fi5aKG2yX5lVfRH/OfemUPgzPu1585m+xoY4WRxt+79yOqOFoZiViwagnMwSUXsRVno8DOpO8ZSgH03GWxGVUUYDRsWX0fZg7xS5POx82GiBIJwyynq/kjMrax1aLnKAAGF9f2WicxzX3slqZMNRLpvmpZCXYSqZS2v5PJxnti5ZDEFG0Ga94zm9EUbbXUyAd4S7d4HrgIeXRcAsqLXZMOlbBfBpep2g+pKYySju5dPJ6tWN6UxMrSrAGCoeRUIG/RmzcVBodba+1ROTqSyp2fnT50AWGNu+tbLsFsVm3HOWs7JiMIOT+pWMoBRdyssBUYVSJqsUOT5dzJemIMWl3Zb5DqAwRfde1L0QQxy+HeChZbACDdkB2RhF8Svh0wiH4qHouLbRq7ho7CSvqXVubEoJdG9nXylec8iET1pC3+s+g+TJLRWrR8WAbQdJOsIwmPKO0MUBw38TCkkNqL+AeH25MBEYcJ6oXgGvEOlVh00QhBV3/lZ2iZCSAmKnfLiEzR9QPDsik/SyyJ+RyPAGVhfhR2y+IT+9bmxEtfB8AFkMULITXjoM4U81BhCATEf4egXqvTNp2lX6sLYQrPRT9WSanShey4e+MVDOvzcLqNW8Wo8FuEnaBDS+3MoT0C/mCyMHQ7SOwJpqklwIaHEez2VJ+cnTv+ym4k+yVLkDpiJWg51XpnZvxQl3RX5j0bea+kAZ+jmB9xO15TPnjtAnyzhcJR1m84LXpILcT9TTwVvhvdDHf7R5HKw6zTMnr3qmXqtR2aa3yj5stN2Qn+cBgpU51ADxaPztGzbFZXA3A+BfljTCO3U9sjEuPRtuU5VFU/2JycK1cyTiYMozOk6qcJOaXOW5n5CA4wbB2xiUn0MEVF7a3FN8Z+QsSWv658hHo+4no8snjjxt3Z5f798SKSBb14WzZ/rBlgRnJr+2XcKVkO/o11ajJ1fl8c4kthW7tbQx/+BYBWkkaDOlrCk4PTV4CCI4F76uOT0riMVQXOQK1yGjhvxyGoNP92Oe2wIZe89BSmIH9+ja71TtqMznjfdrRtsAn5rVehGoL3BCI3OWDVvniPh9MGZgvNw09fssDfq26f4ZGnYXnKtOmAWtNP6xxS5mSmIKvIaJauxsLaUF/vEHLGwpTvuvePJWdp68bVA0s5WJ/0qoN4ugV106Kme9C3kh2G9E1Uzcp7ZuaKj7NuXUi0LSZWZAQ2KXraGaaKCHd8OVXCX7NnCKXnGrp1wvYdmqHESWW+Ok7ybO7ekVR2/tEAFMCWXUNgVlWpAZFQciPxx7gzAI45DdQmUxWUWp2cuC+HiIthBm7CK9/8IAMiakQV/7ZrEx/tqc7V2Ufa12qNbmYk4o/WTc/fyOKqlLCboLTJcpEz1jgjKn0IIvIYIoXL49hkpQT8gn+/FDN5PXxSBnodzLRFiAiJ/GKzInA11dbY0DxJPsi0OAYlbIBeQS+LOJzpSyCsQ
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee7-30c8-4d1b-9131-4b6e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:25:59.000Z",
"modified": "2016-03-16T13:25:59.000Z",
"description": "Locky",
"pattern": "[file:name = '87hg8n54' AND file:hashes.SHA1 = 'bb66e3f61b1a6543b7253d616baf0e951709005f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee8-010c-4f2a-a057-474d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:00.000Z",
"modified": "2016-03-16T13:26:00.000Z",
"description": "Locky",
"pattern": "[file:name = '87hg8n54' AND file:hashes.SHA256 = '50f1e7bb019c860712eea54d9a7874274530b3c6882b7064193a640b4dcedd9e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee9-5464-46c7-a81f-4791950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:01.000Z",
"modified": "2016-03-16T13:26:01.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAEFrcEii8kRGeukBAABAAwAgABwANTVkZDcyZTE1M2ZiZDBjZjRjYjg2ZGM5YTc0MmNlNzRVVAkAA+le6VbpXulWdXgLAAEEIQAAAAQhAAAAxi9niAffRt2X0eGYrCeJMN0XGd1O4fePdKXfw1g/B6wi3+oXm+kiWcxyUuGWCl0gy31wbM2+wp9Q7xfacYKsDKJ6mYJB3oLnYz9193PeDafk8FqBDo8jyCG06XwOT7IvAr2/ahlyilnOpW8dYFOkvkote+3YLlDWP0IKw8Qkx9uweMln4rT89Bg6gKNpTHL8GQAzTD8sU6HuIJAuz5/4ZtC/9/cG1VO5lSFIbIsF5q6T5JTobsLlF2S/t/0emr/QJxAQ8Cwh0UAd/C6DHTh/ttK5UkEbev+ZEBU1msUBDpNAdLRAAa+yf8X5029F4H6BudnvB69mVf1+WjX/f7YwD1qiw9OzbI7o5rlHC18st8ls96FjI3zkrMd/ZyvmerTvQs1ipSI2MMZIOWs5OFteekDAUjdOT9PhWKb/8Po9epFI0qfeZeKFxvX++TR2I/p/LRw6+FmO5EaXiqCXLKKHrYvR1hqtzeb7JycS0Sy/BcMvH3Y/j84J/vx+2bizVjtPHhisJdoImQVty2Tx91c42sIA1XQ7Li9l9QJI9Fqelr7ixe06EyyLMTkfTeX3tSN0hIn7JR0GXEmkNqvzTtJWNh/p0axzOtWGyge6F1B1US4oF4U/V6rtKQ4Pn6KWuS4fTGa23R/OWOz6QnYsE1cr2oGqp9Q6GpLJsBHCnCCWPKbz0st56GqTvN1Vi4DDwdZi/ig0PfTxX1FGyPhI9sDUcwLxQ9qW5JMaEAAMO1FSNXiKqarEx7+B9S0Rok5esQYTRdDl+mq7tVaP3kih0dPhP1dFDGOa+hGhtS46A2DZSxNmjUWO7x+kvL3hlesPDxljUj/1Vo8QynzhU4aBJ/w9b+nDk4PkPrwtgE2IRM9NGOYZw7v/flO3WPZxbkkfYgFfbroH8bWnJgrHjpx5WLkTIeprf9bUnzOUPnasyHUldzUPfJyDY9lBvC2SfUsNKrKMWDMWgjqpa3I6hL+qwMk7cdZ3g3Xrl2+FqFRa8LyX/SZci4oPK8DzKOR93CxRsEs7GnuKtDwEzjzHmcNDnGbmVw500Fi+/WKeE3R13DlngQ95qGRgk+oRK1eSmDyxFtfLa/f63CZsPzGE/REY7Pc26fJ/hDbm0DK8XJc7NTB3YuqZBX4EiNoeIGuVqbd/2wAHwFpGVnzz4/iWqoZTmoOs8adFtBaaOvbknlWgBpbVt46OSLLAfgGzBGBT2+A8z3bvQu1R6AQrLuRJJ79XnrNugjwnsxL/F5cpn2JXCljmgejPdC0bDBDfx1d2Bf463k9gFEGtGFE4QE9VKUMMNWzYHPo7iVn9EX5BO/WKeNlCemy4E0/Ma9azHiToaSj0toBMoDgwKz/Q8X4IQV1Qe0CAfxS4zQ00jKCvlmqo3GA2fkWr8X+6qGuP7KgjG0g6h/4NW9oL+NpbSVPz4VXOBvLTgZYoAwziQ6BQy3xHi1eIrtvZzIr+Po+q8hj5zUQpr6j8Nfr3dIYu6u91ZxXqf/lPQ7JHKgYjRwxT6FoskvTdDUZSE/aUkXeTR1dHAusMaA1DAfKMzdffg+jVRB668bLKgy5f+YBgc0OEIjy1ji01U6QfKQZ7+2MtHzXgJRj9C90SmpgPskbnF9Lb5v0OjYw88996ou/CniFsRlTVZS5gtUYVWzK+30MxkSR+XKgZTkB9b0f9+k+L2/+kPwHbizVC6GLSeRx1QcKUtcTwMI1KOElwdbKSNo9cGjTAsN3ZOOcedPexuFOogx5OOPULv7BiI10hZZRwK7W6eo/k0FUG0kbX7YHYzXY2DZxuiOJyOrD6NsWMRmdNrM7L4rEYhbB57Kk8pvJUO4IsZJsYIbRuqh8mEK/2ktwzlG6fmy/zdD01LmI/lYxd57qslCtTrh7MX80wa1saYarSB9wrPFpDFcABKmWW3cPRhpxobr8HZ63CP+JkowY/wGITOUvTPWa6Y66iYdJg5NqYaefHZNF61inSmHLir/uE3YueKc0s5GTx5BTNP8GoQqZgE27af14XNFlgbDkOrvqtOhM6r8oO0ejNBgBPxhDXLpJy9r6eDWdCjblKCfjXdF03RsOzCy6y2VI1LEbyN+Uzb/MGhTJSe5B0Uei6WuQV/yN3Qa9m7kW9CndSGhscX2XZzX0AH5uzx5AwvfHt4C0i8W83ddacN0K+L3jssn/YinlK/vzXPXiosF7Q25UKKUdrn/u2+D8lS4RjhICpOJSr6YzzTs3DMlpe9IQLqxIhCkFIlUXwNCvdcGrMKWuW4PVKOeu8RrevdNo3GOU5nKGZ9SyBo/tgsvkK986wS7Box+uWkLm2bV8JFm9d2bdis+a6G0FZSDTrJYOVUobOOwEGgQ5F3NbnsB4p+oFaN+19dpkOy+9GbSfqE7R6s+hzJAeA5yDHgJLVV40AicYn69eTMDYWrR/wSKK6t6McB5jbPPj8JPblGP34inUWo1/w0aQmgOtbW3HJs3vzNRGrlkdTSEd1iwtdO3TQEVRtn4rgUe9m26xNqw/7NBJy8/u243+M8pB/qC6fcVvOFSG4rdlT5wP9ZSOdz0sIFRHaPcFRj7qeDr5+WwaskZ3jPKTuqqk2+OrrArGn/1IpEDoX2znevDmcFdGTmPxiBSua4JQ+fQ0VqMcnidKD7AxiagrSuLr5DO5orO9k4qB417xmKGNZjtLaf5BjC80n9IDwlpf+D+yBpmhwCLOcjzmF7ZtKeoiPXp949mZkzGDflwnZ3BjC88QX5z9NwNxGtuJmwCzUslq1isOrduJR6zc48ydkXB2TOWrvaQiw3yedvry/vmbHSfKOm6Fi84c0me3cXOhw29IBn7gspDseGNY7Jaf+dxGZ75SSFsjK2XMvOuksuWQHKUH9IyQfIZL/DtqpBU1rVDZOSOjMRaspQ76Nyeo8tB8DzjQf/oh5VVMX8Esq2KDvZsC9fbD68rwk0iOYJg18nZYQuHm5xAk3+Ezp8z37jOmGoAdqJHePfnfPcqWve74XX9zMAMyAfL1uvejWBEpElDdpgF4Nknpa1JUUtqMOSnFON8Z1XYSG/rTc7BBDJmcaPjwWtRQWsCS5FcotRKR5r7sWHx/3qZ9jc4R6OJhXq8ze2oIQzWpATmV3XNgxfhR1Rz+vN9qXAeBnWPvdrYO5HUNUNLKyZ0Q5a9n/6f9o2Akk1O2XEb9yXI4GuI8OzKGkLYJWFmSxWMo3MlRwuz4V7sZev+OIPpDQ33U4Q/fyu8OcB7jojYMJLQ0B+XWBJYHfBIp9pu3NIYO36XhoC+zTZcUdwMyv0V9p5mcIfmRYPxuHHkmHoKdU1Kpnz4YwGP1kd/WFhdnWlwKb1Y7i0FuqfbifURECSCT1Cn2XWJlTrnBAxIUvBwla1aNRD/Pqk7wOBHjrC3mXqQnRiccRAVNYe3YuVX0uomH6nKBzbGkMCRc+Gv0ojobHhQxD11CWL/Y/Jm2+h+b+Dm7C3xdCMDuFo3avbryByRdn/oPQ0r/wJVxdFs3daLkc+pDANTV3PIalTg38UkaOeB1KmlqHw6+mfuoJ+0NVEM8tz5f6oVbTnU9HfYpAIdH2zZLqDSAOqCiQbPRvCgsWRBGVufST02bekzn6aShFNsaqKpAzpphYm+/2p7t64AqiGO2qpQFhW41ZOZ4NNJwwXY9LnYgvvXrs9yUlr3u6xaxV2nbMOsCaDvbwwplKC0orzaUgD4vRvDY6D3IzadJX6NoyZFGa6wiGwZUsBRC3TESUUTdyJciTT5lVplCTbuQwMe+lfm2Gpr/g2VOBaO400ALq6epvWLLCBHCkPjqwdMfJjR+RFXspJc1LB/hdOuBrjFSkSOXz8APSiHzXaXgcaqGzdI8APudlE9wTqzq0+5Gr52aHwcvIPZM70rSszlP8Szx47nXS8pryAAiomkV+wmuvualV4qzqYoS+YHxBAQuu5bT3c27+n58vOH
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ee9-fa9c-4d5c-8087-4c11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:01.000Z",
"modified": "2016-03-16T13:26:01.000Z",
"description": "Locky",
"pattern": "[file:name = '98o7kj56h' AND file:hashes.SHA1 = 'de5db46f65e92331c287fbddc00b48af8e230b5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eea-0780-4af9-aa0b-487c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:02.000Z",
"modified": "2016-03-16T13:26:02.000Z",
"description": "Locky",
"pattern": "[file:name = '98o7kj56h' AND file:hashes.SHA256 = '799925ac2fd7020f2fde87ee9c43d3c18e33ebe8ff0ebdaeb03bc71f96a6264b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eeb-da9c-43eb-b5b4-40a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:03.000Z",
"modified": "2016-03-16T13:26:03.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAEJrcEhl51/uBOkBAABAAwAgABwAY2UzMWU1YzEyMzg0MjcwODUyMmM1YjgzMzA0ODEzNDVVVAkAA+te6VbrXulWdXgLAAEEIQAAAAQhAAAAxi9niAffRt2X0eJv4DuKWfhuoECPE6GDzEuGGpE5h5da5YmWlKKh5C/b7+N3OvAn/oLlN69vbGSMByxszGVcCrBQvVngPozixLhUlI8A0SUgrHveX2NEYgolUmhcDfTSu1xmnBNwtEzRPfEFa3I/TYHQtSF/otEfEdzvp9Iz29rqJG6MdrMCG8WVzYSdCKb4WZyZERVTS3zFpP74EdP/FVPSVVOkQUbx1283S8s6oXYIoheboQOpkPhXP1yrN648CS7FZFe5gEg8OwuZN9RxD0lRkpH5bT8f9bahGpiFxg6gAprunoQnw2nwzfS+3cnZ66fjYdl98MJYiekUWvTYUY2GuwVtnk2JOFvOXp9vSMTWkYRiyLj7eT15JkYvwzkVjmwPwCy/I6JKvfXP0tEg8fdfU9sLBnGN7jq41l+6fgA6Pg5pCnpHClNdfkjK38bNB39LxOmOkW+ku/Y8aHfHyJD7lcD8Tqy4Ct7xoiOyHgcv/pnAJI6P6BRAkawlPQwv+Oj79ej3qymyk5WPYQW+liDJW0ezhCNjs5JXaGyKhWwAmvgzj291o1PLhga5ZkCnzc6qSwCau4MHD5uA3D2cyhfbaPkeWQPOanFuG9D71E2ImS/H3sGPoWybRH8XBt/IxUhAu9z87u0SGo8NfZ6fuNixCDKHK4ifbG+M3AqctjaSfy2oLSi/chyoaGi6wkcT/ZS84257Y03r/VAlw5fCjvAk4jAe/cWw4lMYNFWncEMZwvZIGI0RoPgvyQQGtc52ihGhnPI23PIMjZYcHHApqI+q6V4d6eu1R0ze+jdXFBDqd2c4k0YN8fMoiW0/JS/vDqlmnqtq+V8lVIqK/N47jF2oy9jsgUeSjR1Xc037QcbyiYmojkdNHYybHnVwJaRrlCEfr6dqp/l1IndhRi6fPiODPr61KduBOApktVXZU6wYrK1KA+DHUxdv9kyDMG+URIBtRbA29b1o+2mnXd4AzkkZvkNjyqVA00/WNLfi3sFzvyDy+T2DQyVHCnA6vY8IXb1rb/t/Gup8Oxm2sOSTfh+m1Mkzt0fei8zOjHvTVXe0EvN3oIFWZ4Ksyk+R8NFkFxawwr6uY6/zSiG2rQt5FOeRuk8kfAmeyNU/CE6/vy1Pd77W9nyLRUI3EGj2Eycs/NzGCIkcAyPuQwjD6bMQY8VwyJyHd8ucZ4SR4WKDnJv4o+ea9NQV5F56QCHOlDf93exEUnfRSE8nw0YKvVVPb6sQf5A6r9HM6olecTYOvw2OKGpuFE4rOAJVqnVrpE+03TQttcMv5C8HTMhbNDuo7LXPKn5U9svfKoadwZcKN0pe8AmKPJfGjo5eLf+Y59KQv2XE8BU/GRJJcukPMjpQ/5sRRA3PW8jK7Ust3iXT1aU0pbnVoAAbhVE1dSamqXZPXpI9IHNAdhGh+CzYyBiKOpn1McNxc0P87Z3Uv6XGy46sU9LSl+jII+UlKnles8eNRljhtuSJ0j0vQ+Nf4d5rtURhthVNfSqnYmhIN/VVoRT1Xo1g0xvwzb4Yxe71JuT/qCYa7UG43McqdRfiNRfOCRBZX4oFagkHPXvL9dXKKl2J6D9pdxAcA6eLZAIRhrQCoZzlKmroiCXTKP216hOqHjMkFg4HPVOZotaw81dYyc3pmhoqjKwstKFfl9d1flUib5l3sfgujp03i4hosBq7hHT2/waGyThkuckhdZP0Qu85fMfdgeY7w7c4tVX8/IvaY9oVwrUSUL7APpx4nbZ9PiYE91ZlCIe+KU1gXPoogrgfpaSjkCVI50Fym2a2QljAo3BpdEu9GWgA3iVOQtuuf8dt+je2EvD2DuQcYzM57fb/AR1Zk7Z4gjp+nPAIqyiccT6F/zlcNVxMGLaSM1NWFa3AYq6Ai2n5trNJeAfJzV8+7rxXaUQuZbQ+QNG5rEYWqx2fTep6B+0sS49LPlNZ/O3pKBtkkXjKV06HA1f+zDyC8niYxoS+ylTDgqysfmYhjC3/M9+qW8qN9FS1We1J8Vr13K0mL/Twg3xXeuLr9h7ybwesCMzRFpy2hdb5FC/7o3F+0zff1UprHs0Yb9WoUX0cMCR0L+sHLa+9vGBww0kkWG1viruOzvH1UmNsg3mGwOukfOUfnDER8OjtwBUlc+dv4tp0/SyjL8GfcOlqjLi3Y0cfANUalOgqUOotfzHUoPirAsSIXVuezPhoy84lkn50uU+eTjPcSpZLruG8iI4T1BNsuwJYbOQYLLT895GS57NxbOT9UTfvduzMoOddvRgYL5coQMXoU1GVgY1Xn73MzdPBvoirN9feuNi7izry0QUWSlvtSpAdS4XA005UuEuCtAQfi2uHIVBDU4s0UXNnh2QrWmxu3K8/0vR9Wsw7aBCXqWoEYydrN4kHW0chr7riDG9q6ZY9QOnKihPujyB40aAZPojF0GHDay10mjx30Aqfk/RliYg0YZDgj7jisgNrGgOWVWhkel3pNEUnLfm3kCet0waf58zEwzul/Wy6WDa//PXEz8+G+K8LdLBNG4Uyy6oL+NO+yj4qViJ/8bWawEux8s/cxM2Sq5UkArLOx27OYBEvFoUcmz8hAhJhIbGKmNGZ0oqDXWqBHAARHZ1u2cO3gPJ9gWT57lAIa0CSvotr2fUo4V9tGWVo2fDKHIw9d82LRGdxJkx9oXaw5+Bajla5AocMpC9UnNWgj+6wrbgllTQF2sASHAQW/fwLgF4k6NuycR1Qmcmp08CUhAAWqUKunZTomJTW0D8JnSpjmM2u0v7zT0c4+WVkXop9EEkhRuCf79qCNWCVfnvvq6s+wsFekBFTJbHgKPb4vT9Ec/MAtAjpL2IAIrFFAZzWa/k1OWY1IMPVALl85yofGCaUaDDEyrSSQagvEXkO+SjjMOexf1S6R9PN4prPQNk316Qw88JQgm+c/Pq5xCts1EE308wuGVxIXhzewPisXaJwWvarTbWZeLr3w2tNnUgspGC+q45iBj29WNnsoWauYZcuddTtDeb3qqAVZwVDsvKaARRffTqsvp1GvrmkPEGkv6FtvgWcFdhco2p9Z8vUpI6vqVXhHtgPxjf4Iw7F9hqSGNhft9ZLnSwLs7Wa45EgpoZB2rzaWi7QvjnIWFJYoWFBxA3tUXm7StykFSpnMsoyNyk8EckHNrdbJ/wSiFh85Bn3Sp1n8/untivZ5EylMy35PCg3fVCYrXtuMqJT171m0tX9ClCTx86C03yelftvpoNSBRC4ubWxCqI5b3VRCHd64rKLcamsbMhk7wTDhTDGP1hYX2J9UVv3UpFGYKS+pRq2ehCkAfpYXVu+kfFxELhMnAMisxzE8zqynwFgYawepQE2pNnDmxi0D5nfEBxJMb9LWvHwLIsSAmIeWxk67AZ0uFYC1WjQ0+r5DsXdzQBWZX1dydrqFNehWiqTKo3Xy3eAF2lQc3D/OCEK+NhlS25vhepj0Rc11hwmnuN3ePPVB8/ZJHc6Hlu6U8VL8vf5YHSS8B0arj5tFDoautRBIRlIfB+ZQvFea/2hGrDJzxtyugq6FpYH2KvabrG7CwjpQwau3DQPTYbWgm79qYwfO9riSP2ZpwbOYc6VGXmoVfmMHI0Mtmzpe03z/5uXhdYVqBqj8WOJr2TDL6sUE3WEtnxFkwov/4ZlV2q+mxWzs1e07w1xloJA/b7cY6S+mqmNxG4Yfc+gnoMlXJsPx3r2qVrVOMkNSBm5cVd6Z334YOP1FyxieJxZj2KUZzg2biamdEq8x9y3dzFmSQ4YxUnL443HkfboI0s6vkQRMnROPrxo05RNoEYsxmzZwGColFmoQLBpbVNQMakUxaQ58LBJN72mwCITJNvXsN3j+fL1Uj7oKxOlbHAYZRd0bsPDyoXnewqmSH8lKaTgW5WN/vK78Opi+k6Jpw0YmqNLpeYSJTEBK037N2ftCEQfJL
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eeb-c7c8-483a-b946-47dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:03.000Z",
"modified": "2016-03-16T13:26:03.000Z",
"description": "Locky",
"pattern": "[file:name = '765g473bf34' AND file:hashes.SHA1 = '29191f592be098b136c85a605fb23ded318a923d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eec-ca24-4e96-9fd5-4101950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:04.000Z",
"modified": "2016-03-16T13:26:04.000Z",
"description": "Locky",
"pattern": "[file:name = '765g473bf34' AND file:hashes.SHA256 = 'f0ce08d7cf47baa342274474ef9db7714e6a79fed9cc4ad9744aeecb524e2821']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eed-6490-44d5-b9c9-4a51950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:05.000Z",
"modified": "2016-03-16T13:26:05.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAENrcEgQaa9OP+oBAABEAwAgABwAMTk3YTk4ZGQ2ZmM0YjA2ZGExNDZmZGM4M2ZlY2U0YTNVVAkAA+1e6VbtXulWdXgLAAEEIQAAAAQhAAAAxi9niAffRt2X0eNgIEcR3dsSDQpwvt3PAD7aCr+TwJySyHWokpIIFM+VKTsYUJExt56g0eOJDQi4GsDvNi3d4LKzasPpdTTWZXyq6AUuD6bLu7hw5Wy/BO/ET4rxVw8yNQXcLF2RVRkzseR2XwQKyv9QxUoYmEaBADP48KAVfWPOSH57jGSfSvoeVDwMw0OH2WqmeWFofbZ8tiA0Sce9VHW9oyVXHSLfHWqxz30l3yvEtUKgxuD+tv0QwH+wKQD0y5PSuAjGZWTz5xgnQpzgRH8Uk727ulIeqUC9Co8kHFn+a8LedcA7EABbTBUvMp+G7IsKp2y8HoqK82k6zovtyhQoeKAziRfk3MACN4uCqpBv4PunaUamYxphhjOCgmkcM0+WIuF521da64Up8r9lM1SSTBEjmefY/+Q/2ggIKaqodY/Mupc/kVdVQO/ttG7vejp0JTnTl93tukn4k+lxV+TTeR7DofMQECxh1OiSmxsawDZOC904xBtWX6KfVSHOApsHGQj+eigWfXA9ps3RFIXx257UMU14XuLM6C0twVj3p1nmTqq57alCu/E658/51Eje4uvFq1Eod4GXXSCphDe/AIKrr4gjs37kWW0pNr68tIxPbM5RDiaKU+dXqM0cgio+lX5ukhdKU2OfEYimJ3iR5CVJ0ESftzM1K4bF24S3wE1cSu+GL6sYX4PcUFFww0ZkbBxfuhlvO9+b3gpl2rvDeBa+3//8Q+a2GCf1GyN6b7g2NSjO50lRfRQsyWlp0H88Uwxf6vGckbz068RcP3J4JU5GqLolWMD4QUmUJ2hLOoinZSeoYli0a+a8XsSgVp5WfRGYqkyStZVriUlvTF/eJ3H4tILk1dPInlryy0Kmk4BvaXuhVDOMtI028w6d8UeExTVufSKnJU2mpmZOHaF9eyMTn39xLLVdOvHmlszNPJMjfvfsmFcl8dM2Bkbv2BiZIPqAn1WKE//jXT7m4NyxOn9+TgTiWJj9kBtvQ2cYWzAsj8d2Mv1P+3ljRwib205/aOODnZqiPMW9vR8LjfAgY1KF1zhX6fvtNcByMRQjPK6EQC8hWUzI5Mufz7rCuglwhfyRN9ICnS++7w1nNYSj0Wkz9oxuCxUTAUme4NzuecN/4qRpGQfhUIgI4Ec2hcuXovqY3YPyHrvE25yut2eqnTMsTfJhe+yx1Kb2TE0RnGDqwILQbsLEUrGZ9s1JCiMZYreiRNIob5KT6HfSMlzSgPARI8LPP6ZMjbQcI1Vr3WtPEOcKfteQ9w+yaYiImm/5W6O8iUCMYuAtv3vYxkacr1fjPRkL+EYOwhIcPSnxC5B2bBZ2MHReZYYqLe8BfnaT/zdaW2I3AMSn6VhvcdsNFnpZQ+Qu4KAItzsmQ4F9RqJd7We4XJIMAIkwB8+z5yVOO+A0etwPPRIs1HKylNr4XGKFbRJw7MOFpQ4/huum/RkokRlkpgWBhOcwm3LbnyJQ1894BWoYnVBUgiiIqEbz/8V1goE17PRe3NfB1Tkjbd/YCJCXW4/kGN6OKT1yF+gsJab+PHjqufF0ZyCRotBNzJZA70AK3BSTLrXc1Trhbn7EOxfQkEpTnSgP/2pCAIE4HyHda4zotww5mtfivouK4V4C4qLD9GuwgYB3C/rLvj6xu8VLcaz0zvUo8s/L155WrovxbXbZwldAVDLpsXjIOCJYVuvqDj3a6bCwiTwjMqBRtb31LyTYI9j4BcIJjXrgE3l2PZ/wlnIcEcq3hLTQBdxPqVo/XhOuTqegGqaEL3y4a9oFnlgqGrR6BvNqMmVewb3EhZuOPCjHL0U92L4JC9uM+savClfG9dJ135COQ4w6lDf+fjYnYV3ROtdkXQ8iVgiygob5iHY+Si5QJcWYY7Ux9RrNqDHHc26P15TuENx0cCuvKjBL7SiKmXIx3ZswvFAj1si6euz2bGIML6tznktS3l+GKzE6tXTICuJaeRcD9QftUK7YM0AME+zDkaK6BBbjIaQdZwi9Ww3b9xsml6EcaE0iJ7GmE79v/7ctdk2vOw1iRdReheTAA3Qf7WmxwiBZdg51F3bTNqP4GZCmQHlqm0lfzme7PdmOjd5WezLEp0Qs9/JmS38eCTJzKhlyxEZ7KQusV4ZHupYohbZj2fbeth9yxU+vHayz086rlc/g3IO4fKCfOy0xgWhkiFIaXVPNN++wmnJY4IMtVXt5OKz4hQ2hEPSMDQIc7g5XEjvd1NGJN0wcUO0r7feosKf5Aimi6QnChLzmQk91NM+OM2dPCAwzDUUwwGMUB19QK4htKp5ORPO0UHVjnUOQUpWUXZWJhNz/xI/dKLXFKWSK/T+fmBgcpFoXKIhWAPl5RVCQ/NIbvqAvD9LjD+4HL+Mk4PXc0hbDNl+860UU4kEzKBxta8nc3Xo0HZMmptIRP9bmgqd+jlWPprBANiw/rBYDaoYAG+d+eHzN4SJHvAPND/cdJoCKlxkcCN7t6aOJFApvPtpGh0rcFPQvjdqCkJw47dhMv7OtSY/9MeQBQ6/8+syeLsXKixzd4NMBfl4MjwcBJ1Tf5phLYCsTURoDAAQm5LvBDt0vyl8VtZno0WcTKBkGBOov3Vrad5s8EfChJJMkwJ9zxBQfWKL+pgNN+/5JKvz7UcOTZ3xDRik0e+GvItk1KZVPQVD0JzhpPaQBZJZqmEP/VlWfdx6x1eZpCqgeWaxC/r3jSt9aCI2kXgaFD9xlvBw1WvVww8OR9Nn4vWN0SKFlnxiJNK5MZkGR3K5uuSBbCuwzF799whBjScP8wZe2KLuTTr9ZurBxX/398oe9++HL7shjZiQHGmWCHaiYB1XoYxeOrRAe7XOy4R8i4zj/tpw9fFWFK/laTahstfxkXoLyO4phUePGMyMOc6cgXbxokIQAJ4tK2AvyHacTm6MsPkxh5Vc9vsHAf+vUpPDFqi5XLWT51AFnZYrhiRV0WBXOiGrD87DBrNvXB67Gj/XB0CY7RuQTogQAztjKZDR+33wGUg6gKKWoGexAAxrbnDh3lniI9iM+2Dsbxa05Ft6G2aSOJs54URrFNLhiCID7Ui6lew1P81cJ2RljhdYi+tUYG4I9dweLvVLHVoQc4U3GWEcklACuoga/kAAY7qs2DCVhaRIwOMrMSiVthpzMm2S7poHVs3i1nuBJOBebJ/l5plAlDywgQnBjJnt/3L6sIc9mXrBDVgyGkHtOSIS995FTG4YW4jVPu8A973rARTlHivSGEv8D5q/6glGKPRXqBBFIXxBhbMvJIuQ0lwi2pj0R2lhkUNrDYKHg8DmY4Ux8pfKJwPAlqSnDQSLBm6YursK9Lbhv7IpEinEujfKa+1f7fgM7+dMFg9G49PrWoIiF+xzKo9BiVllD39JqEi+tX8svvK48fH338mJtaoTUGPttK2qHBYxCX6SP2NW5jhrQYowoNJyNt4kQdvo0d0qCZJtUkT/rKzLO+99raRvb3bl6k2cZD/VXOP0k7HCjwnP2/5XrRbWE846thEfcz/SyfxU9G5HcY2bKqafTGZ/4HRrkeJ3PwvrkPMhCaKf+Gtjw+C4xINibUbwvphkvHzYQbSZA5KmrkO9bv9mJ0aCZdt1BquuKK/Pg0npvXwE7mNBgvK7VSDMzgYEy26S1QdEt7xpvN2lqaAfUVqWxeSToohdH2xr+uEJpIHcNH/fAysp/D0aZxDpX2FSGXCR21BzNiAW6IXRMmsejJOs/EVBisYCwtz2leyTANeYjWBhMrvtOWY6/C0AaAoFxKhrHxzo2QjPLZ/pzSkHzqiTJYw6yjglZXYPPiA+qoO1dfREX/GpIneVtTm+kwmpQUe0FYhR0t3UQJ/qW8JyQAn+9K9FuWt/h0r/JyFMiOKsytB+Q08+xdCI+iDZSCV+3+mWifqA4tleRcNA8nULyPEgoUZrOmkDq2ae3HP
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eee-b288-4002-9229-4e94950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:06.000Z",
"modified": "2016-03-16T13:26:06.000Z",
"description": "Locky",
"pattern": "[file:name = 'i75rg456' AND file:hashes.SHA1 = '8c37f9890755e441bdb14bb3d7e6ab327d44ebce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eee-1404-43e6-a96d-4a2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:06.000Z",
"modified": "2016-03-16T13:26:06.000Z",
"description": "Locky",
"pattern": "[file:name = 'i75rg456' AND file:hashes.SHA256 = '7bb2e629f366f938cc2d6778804f413a372ddd3ce9637e17205e0961e4e1ec8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95eef-d668-4c3f-bf4b-4599950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:07.000Z",
"modified": "2016-03-16T13:26:07.000Z",
"description": "Locky",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAERrcEj1rHaCR+kBAABAAwAgABwAYTAyZjM1MmJiMGYxZTA1MTNhN2M5Y2M4NDI4ZjM1M2JVVAkAA+9e6VbvXulWdXgLAAEEIQAAAAQhAAAAxi9niAffRt2X0eQmj5InU2mSFW5oEAkvGU89gSd9TFyv2nEczNQkaAWJgXerkUsAZtmk1bTaSTrFwD3Sts/a8qD0A4XuPmauCByHKXG7PP4uTHIJu2ZiTSpYtAwUI+u49rceh2HGgdEgquejs3aWC8YghDMUYoosDJ9OOz2vgRevF16OqcJwJxESsISaE9ACop7aswTjK/A2VHMow+JSed6pHGzY+n7f37Zh+1KEwjewO809GQY4RTrBFzHKZt5TR6xaPlS9F23CgQJPglNXvS6bHgNy41+vswd4g12oYIK6zoc2coYAyZrdWIj6hgOXZhTl2g91d8vTc16iuCRmCPVXjjP4b96jSK3Q40WBAawIALJtBqRUOGbHuLceXel0mRg8Uoy7JA4GJcgv25EK4Yuz/zi5LtaPnpmoYA2knRRMGRalnESkLRqrwmZ/LndWE9QxDPvL6w27mmLSWdwdyBGDZVCvJYHoMzW5XGvLElyj1rIMMGK/1ygwithM7/IbVk2nf2moDPM+kY9rxhKPey8xB8BHKTv4bcjHYANYNxwTTxbyC0Ua1NBV9vb1cjt/Se6k+UpB/Gx+DmR0+ElmY8R6tVv7rwClWWBSPPc7FbmOMlCaYr2RQI3uUgo/udDCnTywqOnLB2Ads5o60DBPmG2LV4EPb+8zbM3G5gDxsrRzABds+ogAkLi3vCSEBvTGh/asg5IulnDjlUPJ8OB+fFrWP09YtkFoU6k0WpSW2O+vnDDv9dMQij93VuH2m82wDlqnyCBA2CyJ+IKPFEjzMGzhTniYRB0u+lJ6lM9EmmKc67W/VlqiKtHt/pX3u8kA+S1WQHfJzvMDEzBf+hoAcsfzyiaablSfVNL/wdaxLUrKx+Hq2eWycZCguded4gz/dsHZ7Y0MlK29/5ExhKhm1f1itv3VdouJFq32dCwPO6WYjfG0c4CC6iLPYxCN9dIRaqBzfSH9aZrgN6Qrx4BZON6b1LMO1UhhrZxcYtEim+Eh/aDHFyEvsHOIEe7IFOsH1G8CN53T1Y5t7segNp2vmPP+80PzTy6dGueIl793pKG7Cbcj8vIgPNryp9ljM8CtLrEyXKmZ7Z1hfcc2FT9nED92poqvYXC+QdIFvJuVHOlf0cobyGl5k+LJSkhD2o9Ty101/FrB9gcMHtk91UL3xnOyFdLHxqYk5/tcFapbeFsO4iECDcwZI/W29Ysids889dL0e+6XtJu3Nnf7+j4v11vMVnBzCO2y65n3FWHbNTbO8ukmQW20NLvr873xYlsug1I6M+Cf4rhhOv90M+dlHmSX+mZFzPFr1kdsmDkq+BDKJ2tzbcoHgy5yCMh3K5GVLpheyieNDZ7dV46kzo3dzj/RPLZrjBGzJa2Y/TD7y3Buoi/DJEZvP3uDgeHtND67dPSsAGjNB9S21+nrS0QNZSiCeeeyHp6lpErJfYp3iJzT7ADYsvnUp//7zqtV5G925vVMWi4ueSuoQl3O/Kgdr+yhrIfCVDVfm1mCrSLqYIuO2MKe0LcWhTFu0MjwiV06OHEEMwSYEVbp1dzPAP/F9T3ki/F+gcSVXSdC8Q0khyfAn2C5gZ0DNEF1tF45xUPv0NDa1SzV/UmddlQsPZTSmmIAXUk3hSJsqU8yIyaYFnXfsEEWgOWFrO1t90n06FaaOw+OxQgsKPC56F+eVasv5JaP+0rAkIm4hzuaDwK+Pe+HJeZGXk3PpnWUpYUSxeXX9hCyDh1lXpn224hz6ZKs+IaC/0Kkb3uKN5qC2cBsN0wuqHjyaw1s/HG7mvECxaJBIFwYVjtKE9tZdDU+ZWiNOm/ABAdDOhjTC46c2zSzDAbvRaGHLZBzeFUDWtFcRwTmrV6ew96xwWteWR+QAkVUPr25eDOMOJvu/Kw7l+guOqfolnTIxyX63/TsIbuopB6TzV6pl3DMPDQYrtEAPArd74vRx4fWbdtyK6BAkVMeOP//+XtagQ3knr9xbDXBUwtG7ml5jdCOc24TWK/uLbDfqg/jevrnbOcPh0kmTaoJdG5tLRPRa5xMdtZxh0E1gZ6vOD1wAF/tdLtpqzeWLDnD72rF/4VTi8vnHpzQe9viJg9eDByqstqvfnxBU+B6HwKaqFQ0treUwdJpvUiq8f+Rp9PygrPDRoEyk4nRs5zNjmhbHEzeGYJ+r0T/RIIbbuP7al5zO1J1Ls6PfjQGjWoTITXnwsZd5+EN/o1J4ihxknfv2nQI9gstCpNXv9Zmbkw7KKvwcHXZxHKy/DaUjLy1ea6jpteZO4pDQM3ZtunCf4zMTG2ZzJYRwHef6sPOqb4jZMph+ebzMBGFMd5GN1F76kXVy6iVPWkYA7vQuHvtTjdPUyEAZqYfvZta/7TzP+GecSaViaglIWiW9rUWn0b0+A/Ew1CqIZa6B/hPJQTTJL7/qClUWIK+2G7bKdOaNVUfv4lTenC7P/etio+fkI2BfNQapxZCZcLt2hj0mQ/wa0DC0lg4Lznqz+cMNMewMHPz4unIGSFTM+zssXf++rUFrgAgRP0SfFhuDSxai5qR/r6A5nDzWM0s7WakohUmHaFqvKZoGbVMSqBDrqmnWaCksJ1HVGEnRzCsrwfldCrg0UVzsgx2oWf646g009gj7TjWcVaYVm1taRJGl9tMZoqrCkMkvk2mwNi1ppsV/RtkYwrYtYTBzBPYfmawuDRabcyTNLKv6VsFz2s8yumrUNQuGbyY07HmWUvvubdwvys7YAYHKyahGZx2yFE7M18OWvjk3ggARRvA5vRsoAKQ28TW3sIKQ9l65Vpk24Sl4l9hD/j2Eai6WAiqLHp8oDFE8+pGUsALXEZa1yclIP1F8t2t3BeQ8PWINpkOfVt3tWcwYK2yoklx0VoQRTfmc5PUPks1W+MaG6GLFmRLk/olDft3/+rFybSOLqpKpSqXwpSUzgBx2B1A0IcRk445u1AjLijK5sDcu2B/dgUh2i9v6wzXeXPQk+QNFZa1qSzRjvrOt5+9WPs9AceZAe1cIA/Pw0ym80DtdlJdAI8cZtxjcx8Alnp4Ac55aKpSvJEC0lg4pV9qwG7nyVinUFpXdBwjjuamhO7FfIJbl6Fcn1/d2uZTZ4Jrkm6DX0dWIpQz2hYM00A39hsilDSTKf/dasqR1TyMO8Z7nCw1jiuAmeRaysy60l3XXTXMKN1nRKfNTa6oaGcz+wEuhhpe70Ibu6qyE0U5cDLpfLynGnEUIT/FXZjeO25Ej/fXMrxuhgUOG9DxcIqVsDXmWbcT2GBuVMcHndTGcpDL1h+LuPl9bRE7lf69G8m0dij2XXvphdwQ1zy8ZpmHWywPD+0Y9pMWj3RTF7RBWi52LAFvqsTPdgqopfNbjORFBZT5RnUIjLiYa+6Jh2H0oCaayDGQWQ8y8gmohtl7yuoKY0MxFuhpZjjwCILwCGnlNCNw1HewWRa16pUH5c6ItO8eFJyO4qJjfeItXjCoqJyleRQhbVcwejWuWm72ELjtz0l8YCBiIsBoEuGzTAJbIYWntoqF9SJN+kpGXogmeYp0MRGwkTs9mgkscKr7gy3cyzV5uN0TwFZIegv61RxLM6z5F6+cGL37hF5ml8AQAzHiSSsoDCXSobJBTbpjpFuqdbZO8CuKOP5I2KVkyRo3lYWgoYelpQAoO1LL8yEg87AJcQpnMgxoMzUmSLcsJR61pIsi9R8rGoOHQqtW8MkV/rLsNQB3DpGWHMxehj6H/So2dSuYYI1GB/orMaWVYBGjwmE+WQo7yCJzJ2JptQKuTq0FaE/RwI7Ve34RaTGlcG4ms0mNghBCElvRp249DbLSOsvpvGK/WEOa+vYAL8vEjXbC7bjSe0B9YETPlPE+ZuGScdmJvGHlOWR7cJ/Qh2YHAIsTf10ZB1IbjNfbQgMM6Gm3tl+2ITc5LdUyOaE8acYW6ESpnGrpSC
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ef0-3ae0-4bfc-a1f6-4b11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:08.000Z",
"modified": "2016-03-16T13:26:08.000Z",
"description": "Locky",
"pattern": "[file:name = 'y78hiuok' AND file:hashes.SHA1 = '4f94153bb25c54835778ea44307ab5cd49a228f6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95ef0-9fe8-4af9-a52d-49c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:08.000Z",
"modified": "2016-03-16T13:26:08.000Z",
"description": "Locky",
"pattern": "[file:name = 'y78hiuok' AND file:hashes.SHA256 = 'e545100971c16946bbd4a86bff670c17f8440b3efef39b6391195e47a55917e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0b-a670-4322-8c6e-4d6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:35.000Z",
"modified": "2016-03-16T13:26:35.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://149.202.109.205/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0b-e79c-4833-a7d6-4504950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:35.000Z",
"modified": "2016-03-16T13:26:35.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.202.109.205']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0c-7890-47cb-9d76-4d15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:36.000Z",
"modified": "2016-03-16T13:26:36.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://188.127.231.116/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0c-5184-43ce-a0be-4ffb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:36.000Z",
"modified": "2016-03-16T13:26:36.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.127.231.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0d-7af8-4289-a90c-4cd9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:37.000Z",
"modified": "2016-03-16T13:26:37.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://37.139.27.52/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0d-acc8-43c3-82ac-4614950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:37.000Z",
"modified": "2016-03-16T13:26:37.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.139.27.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0d-3d5c-4ec3-bc5a-44d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:37.000Z",
"modified": "2016-03-16T13:26:37.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://51.254.181.122/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0e-ebb4-4ab2-9478-41e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:38.000Z",
"modified": "2016-03-16T13:26:38.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.254.181.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0e-978c-4a11-be78-4d36950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:38.000Z",
"modified": "2016-03-16T13:26:38.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://51.255.107.10/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0e-223c-4667-b73f-466a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:38.000Z",
"modified": "2016-03-16T13:26:38.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.255.107.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0f-d66c-49d3-b217-428d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:39.000Z",
"modified": "2016-03-16T13:26:39.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://51.255.107.8/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0f-4078-43a6-8610-4ec7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:39.000Z",
"modified": "2016-03-16T13:26:39.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.255.107.8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f0f-1958-4742-9430-4d68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:39.000Z",
"modified": "2016-03-16T13:26:39.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://78.40.108.39/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f10-7c84-4cf2-8824-4015950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:40.000Z",
"modified": "2016-03-16T13:26:40.000Z",
"description": "Locky C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.40.108.39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f10-af78-4de1-ac1b-428a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:40.000Z",
"modified": "2016-03-16T13:26:40.000Z",
"description": "Locky C&C",
"pattern": "[url:value = 'http://mokokf.eu/main.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e95f10-bbd8-42cb-9a87-4c65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:26:40.000Z",
"modified": "2016-03-16T13:26:40.000Z",
"description": "Locky C&C",
"pattern": "[domain-name:value = 'mokokf.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97166-d068-428e-89ed-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:54.000Z",
"modified": "2016-03-16T14:44:54.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAJt1cEhPOUq/KAoAAGcYAAAgABwAMDJjMjFkOWE4NTUwOGU4YTY5ZDI3ZDAxZTU3ZDliOTRVVAkAA2Zx6VZmcelWdXgLAAEEIQAAAAQhAAAAKvKC7abwaRslao8ieXO2JX271qai3zW/2zT2XHedl4ujlPsbTR8g5v06ZVwB6BT28n/r7pDEbu6zqtuOwe9FUeEd5cL2GUI1j8wqr78J1iUFl3rNdTFmrKipZjQNNHZSFfyEY8QU4ym1onqI2V6Xo5lle7hTiAhHm2FIS3TiDlnjCDykAWY+DN9nhYWIQkXx3AbWYbpnKFKdnl71rJo6koKWkbym/T7sERqWSF0BJdeTw3ak69xFWdLoDL0dLwmma1fsCu/11SflNygxCYO4GprBiDNX7zGEWnItILxg5/xOHaU+P734Jp20jmxnB9gD7p1c5eIjVpoRh1FDxKnIFIxDjEC56mikmcKDh1eb9/k9HIShKWqui2UzHmI51/HqdgWo3iQH0SpWSuV8OkhKsXkGiI+KWw2b1wBYZ6Uo6h9gUO3hOXR6Z44nRWf6mXELRytLU33kGGZWfIRDTksdvTHeRwLys4EXiuzXzY/A2y7qEpnnmotyHF0Gh0BnJyO/FALuPdvvaOQ9LmJGaKe3EZLVyAnnne38c/09NDLE8Kvlsd9b7RJzGjOwMuj1/S2Jdc+OKCIDKZi5tcgzBmAHWSH79TLVoDpF+eE0Wr8pp/Jx1nEhvC3CgovNK3Z4yHUodEVJvdNaTxog6QK8EbCnG/zeRWUKQJfyC/Yh8PFk9i/3GLbheLjEFp+zfK+OO3mOxz4YKjND7xYcttpdFFq//IM4BVc/J/ygkCE4l5z7IHZLaxninZVNo031l4qVg1kJFk8+Ky1KZ63+9AMV2WjOBartD2xPrY8xI+tr72LfYeonJzrFBLHhHhI+I+4FkEJ4BcIz3Ms/J1Gic7k3X+HROEPJ54re2frHwgwH9WaH5QkI5pfJprE5GTgOizO6Zom3R6sHCli7LIT2xzLmBdJDBHypPX2ptcmn8F+Hb3u7QlaDp6lvKuNiFQ9mtp5e/dMm4nLtNQu1yOIWg8g449xPRmmwEORoY38uAI6YFxYVCbvC8GlprtyYOd76K0Hp1UAv+kJngCaxIOqI6CfeuRqUDI3HJKlSFSQKixOFUzlkL39f9sq51TzPaiU3xKweTouiow7tqlT/M+cTJMSvNwNUcbIV3NuHa3EAHowTSa9uESHx5tEofI1zwaO/3P1qHNuPl6r8rbq0+QUhkLfssb4E4ctoaTS2O5Rgf+akCT3bfbjX7N0kfHZNjP68j0OM4fKwQdcHHRS00qQJnLnZ9VZRhMtfG+4VfQP/RiyRaSVXiU3beGnxORI93E7So4Od+c1hCRucqYXYpletREuY+k8nUQZr3Zc6y7taECmzVcIKtUouJFqDYj5AdUdlGY4mnXEw04Dq5ouDzhDWryzVl2bVwRytfgP+dxpb+OjFLjpp4PwNf5dEZryI51an1e1lYp7xg2Na0rBYmKUGiXxuUDo5fCyvP0nQ0YCzrrhk6/6tFYncxjgDkTwpYrjvk0ThccDaD3F/DnfWSdgEcEEf5/DGDMZQT/RBwOUaP/YBacN2su8bbs4IG13Y6MnSe7JNHb0yEkSPkMixoTsSpEMlWbj/DbypKkpTo3DTE2XFC37hR7+EFWAcVHJPATla+zcbqLz8qSIp+UkwOUlqoUD0lIEURrEIoON6Ryi4xfSwo/jTsDeeUTwNIWlZsRByaHZX9oDWrxsryc8uI9pLPo8ExA0pyTUYYINAvsGQrXCx5lVTmSdWfT2AMv3CpStVrqps7AKVVBThtMvLkEiYanbfRs9wpCTxoxKsnTaJjFLLffwKeev1+wvrB5Wc8XmREAEXTF7hLioB4DTyQzNLwTciQcFB1d7Kh6J8zyfKHQJGsGLPOQcJcWO6Hp1TQnKPowgoqgQ8B3imW4jqZYT5FUnJD9f9/YkFsGu5JG6sldmB95MCPLWtuCjSIAKcDFFzELs+IuKb9pwMvMOCTWBuQ4YOg58GZVF45fD99IBaGjWSQyRvwMyb1ov+EegB18HT7WTv3lLq68Luqhxcs14qZ2GyfUBL7X1u7z+DpySAQGnn4OeP0Wc4c9P+if2RyGk0DSstKGEqpDBT3snPIvgcJduRO+5f1Y5BWMn82bxQCtqaP7I9dWHnARtJXhoiAp/oldrOBBOk3u1Xzu1KBCloEjSUshrMnUQVomZfy91l/CUJra0sKEYUrPy5POFHYKe4R6vM5ZBYBiqZwJdgO7qEnE6x7qgpm3i/nuitF1VUGC6HXAjSwlBzblgshQdDVApdASdMa4QZCYn862jqD7eu/09cQDBru7CrNSuvBLIWvZbYPi0X8zYkg2fpnuGyToOSkKnI3khjcjTJIWAKIIzKSPgl4/SkzcOvhl7ZcvfIA3Hw04lwRpJlXDGFZYdc0lrB+KsVTWT4DQOGHyeG1QFgHTsxNGVemi60tP12WKGBT0t9LuGv9E9SqoHvqBw+KAtrd561XxronaXWLfCva/tqQI/NgbY2/Uz6GWPCnDTEZYlPMaQ8ipa/tUQ2PCytJRk7Eirbya9VVxcee3mw0tlPwSdfDI+0p/tai0f9lONLeD4NtFyKIOr+rCYpUHrUpjrT2ttHLln3cdu8cf+3NjKv5As6qnPrdfApO0nPd62FoBKcBlOZhLx1cLm8YWzR/lJ2rF/Hoguh5+pxwlW1C2sQkfpJPlmciU4qaJIEbDu+Xbu3+Qfv6yNnBg6tqDoyoJ/W2OoaizZum3ZmkCrnc017jhcl0n1ZtUkysh225TRX+p93fOWz1gbHgo817VOeyvZVO4Lpk0vITFHtgG57Cu6Oe/3Y+bHLqK1w0xII8ahLaX1NVU/b3LuhaelzSLISdxoCHwVPCHlQvcSrsAJkI6D8qLvWccAMVGx3+zAxmQRsc0gRqjtaiZA6WdDoHSnhFcIx/SmoBW1uW9tGeROPXWHtuAZxslRcot+FR/SXpKn4YG/Brq9oGBL7GbP6FAnQq3Hv00YYNdJ+QzcGPWjEiAk9xBUsR2asbGwLC/nZ30YofuuDTEvBIXneGTkupLjwYCpjKZQO8l0fX6+omk0AYpMXdbRX0dWnWXSddebs7cViSAVyBuNi5nxa7rtCBT/74TRoH1xFxOvG7ZU75qUwQwxbUCY/tgdChz17Bs5w2iuPdSlqEm9Xkwmt2Qs/3sfmk2XKQgE3tcAtqd/Zgh22OU4y8whs8P1ICdpn75+1A+U/Gmo9fhDHRFFbDwitqAffy68gWPuO5SLCLIunfnSCVQMXRl8+2nZHGcgTl78Z2cF6eDOeDNVb2aJQIGptqEuBP20ETig7si7epKtbJwd2bpfH6xagtlUP7WpQv4YKdP5O5zMVNU3NmH989MRGUO8Ul0oJXWvcPA+wWEwXYJ174h8Lg+n07Ejv0Te72ZXTl7IvBz3WeKq6fneO5YYuPZwztfYgQy5+c83KC+zl6ckOitfrQmthJZTDL5o9/kcd6y/fkfcEvsy8wI0WPHJrpyf8zqjJtx3jN3Qxlp9oWPy+5wNQSwcITzlKvygKAABnGAAAUEsDBAoACQAAAJt1cEhMetmUHgAAABIAAAAtABwAMDJjMjFkOWE4NTUwOGU4YTY5ZDI3ZDAxZTU3ZDliOTQuZmlsZW5hbWUudHh0VVQJAANmcelWZnHpVnV4CwABBCEAAAAEIQAAAF/k1+3I3ssH9uBGWVm4QtpdUuCvTwzEjXVwUSF04VBLBwhMetmUHgAAABIAAABQSwECHgMUAAkACACbdXBITzlKvygKAABnGAAAIAAYAAAAAAABAAAApIEAAAAAMDJjMjFkOWE4NTUwOGU4YTY5ZDI3ZDAxZTU3ZDliOTRVVAUAA2Zx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACbdXBITHrZlB4AAAASAAAALQAYAAAAAAABAAAApIGSCgAAMDJjMjFkOWE4NTUwOGU4YTY5ZDI3ZDAxZT
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97167-eecc-4873-88ea-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:55.000Z",
"modified": "2016-03-16T14:44:55.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_0fe14f5.js' AND file:hashes.SHA1 = '0144c3e14fb11465bdc0205b0ed91c06e2afe569']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97167-fcac-4aaa-938e-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:55.000Z",
"modified": "2016-03-16T14:44:55.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_0fe14f5.js' AND file:hashes.SHA256 = 'a9616f75178f5946c0e3b1367a1dfef034ff83f566d8e3285d9f5d0bfbae4e04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97168-ec9c-4cdf-b182-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:56.000Z",
"modified": "2016-03-16T14:44:56.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAJx1cEhi36HSnQoAALQZAAAgABwAMmJmNzczZWI0MDE4MDU0NjVmNTM5NTMzY2NkOTAyNDNVVAkAA2hx6VZocelWdXgLAAEEIQAAAAQhAAAAm1aYhAUA8xL0FFR1wzf4UzpwOcOUpvm/TRC5rxDgV7BD39fga7r9a/GIHwTh/OgzdFrsRoZgITJNPviC18aqlJ22cj4IWFJ1+Zf5G26KzsBBQNnStTZMhZjTj8lmEohIoR4PRFruZQDdRzqnixuzuJalYc2cn/FY6kNlUPVZ5fCARRMoxVdU858MdpZqXaJbo3BTePwRLEXX5e+O7UvJ4hEgk5t0TRQ9DvMCuDG9BR3vY2D21okmphVuetMon3CtbkB35s6iop7a3rL9MUcgz6KC9GLxuE1UHbxkeqrH+3T/b+gTzZMcB2jg8N9f69dS2zpnsmrO5QrIK4F+86dIuypYh4mU9iQbJVFLssI0Jtm+AONBKZ9nuLQNGZxiQFo2A19DbVv+uacPIMU9OMyvwlrWE6KrDk79XIq0zIFPqWfWrSWpFtPQalDMpOCDbZB9mrKNk1o+Ms2mdfYIZGlrvh5MrwaIGU2mZKtYZd/F2E1+aF2SCj8OH80nedAq5YwXJG1CZNYp6Ml9tLqZTahWGSqybgWGHguCmDgDZ4D7qb+A2WEIBdiGeZWmv+pD9oyDOcWw5AznAQI+YCWtsLCf5WooPLVeLtUFKgKKyPfcyrrXkXxe7M4rr0iATv6+x85Qp2dijq+v5aoWi4bfulTH7n9PW7eKvhm5hVDLAvihcVD2Y4wj05/lKeXkwvoBIK7VUuxO4gAQLQGAzyP2xZESXyv2/iwk8jf6bVQ5tu0KGWIGoiXlqSgJiHALVhtpSHSyakKRnSG23tH8ERwPxQ1cebnQlyp12XjaGDb+DSrDlQChivnx/nuPAEPdJbAvwpXJrrrgoWWVTo2jqMM8pV7K6xsbEOyx5T+/RfOQvtMjKOj4i6OhWN0hnOGiTocQdYFMzEdzymShAw6N9t1uy0vEfw32gQmUG5YjAYb85vVfzpQBWAVVDjyGHcKpH96VclHG6CYN/7R4syNbsy5IDgH2IpY9LWXGM2bBCV8iFNGmP+VH2k5xBwaE8CbFZQ444N7LxNC2G52KvUgeW4b8CTnwVusyF/mANLmsXjcT0BAHwQJxX3WOBXCqkuwBKe4q6payvuYpvLvRJlSQT2CI/Bfmy0lmyyFb+IZbM5HnMgzhHQ3kAlWMdOiCk3voIoSHIeN4ecvHYRUf+4Vic4s1Sm037jxlq/rUJMhRiWYGB6sjg/QvA5nLnslO952VtExnoGdobeQfzIFI3wKXlL/stQrkQAH4fCAMwmPfh1O4gBxphYVCn+LB3KuPg48xcrVQMmOpWh0ZnkiKaeNi6mLcTbSBOpjKHbG2um/zOiyjrRnUA5NB97fcItesQP1MpPxTrIOIotDjUjW0OyOEBcezbnIifNKh88gEJOPZwVxBM97NjbpbzLVqXncOvS2X3U61reVytPjH0rDvjv7mptikyKLJq8SG5yCTrDYL6EHA8gDx66MVvXLA2NVotJMP4ygi9xZODIGkCqzM4b2DSottkCTcligagRGb+Vnd1GzjuXrskdI/78ep/NkdqByHY6Cn6TLmCwYY6FgwG1SQkCNdN/cuUQiHqiNv6l+4tHF/D7lmV4qm51Geixpg3aif0UPGvvNiAFMXQjy+enAlDD9hzh+JbimBO2hSvATigs0xQqiAXUC3cXAZPQ5tRCLulF/CffK2C7nX7cTV7y0vkTaAaeMSnaBGq66sD4SkTJG1O+V/T0cH3HlawPFck8d7NkA9F8RnC2USROGql+6RA0IMuCLs5z45g35+a9J0XofrU6P+HxfLTdESOXOOPbDNy15jC91vYewqse2d1tXhKexM3ZwwAheMm2b0kGW7NwezxNg+6ILhHip6NeEg3iNuvtvA4DRG4v22xalO+SqG5uNachKHY9bBzcTrTY7bWV7SHCH+FsbSJxIbjWhTW5UTg8VKTyXtXj45/GJzLxl0defOWzSVk9FNL5OwY+1NVneGTVhmUkS5vhwvefNJmoMSZx5+YtxZBPO2Gfk1PByoFvBe3KcDFwhGgY3y3AJaJ/U77X+HMYpiDhGWmx0ENAN0bUjTYPA68sRv+RCyauNc4kWZK8udfdKb6juUKFYvjZj+K7JvygLge2JrwLGbAGVdJRfBq51iY/kwhc5gStsNoDhrI8m1V2kKAFzAUxJ1WJHz6k5eVEjBnYoS5F00fr2byjk+/aWyVoEEIOGAYTnMxx9R0jHcklMt/rf//ymVBN20kBYcpIY/rxVu4g3VpaNxX70gK/1CiYFyeceQh5kpQik3zM2JS2WYTCrvP8wHAtA3awTSlE7LQkJUveZ9+LMfbXuzAtXfVaz/yEptKLxJN3rmnYOEqWmkqfXHDoFnhQ3ndjAZkg7GuephaBlD1wWr4qWBnlGjrd1A+4s9PX0F7jmW55ZlRr8f5jlcuw5O+rmRJwDWDgpxhUv3IPUa5BeFGu9O46oMcYrRpyjJbM4cp5YWyTzMGsWayp5EZFXSjNqrH2c0EJMepbmvUtoBH4iKNDUsP08qMZ8/fDyU/LOGn35nKfWyhxH6GT4cQ1gNktoYEX3+QnW3w5mLANCk2OcOyF3aWPXUnqDDIM+E6DKUbEtNEVsycfOZVbe4SeERu3+EoDs1X8p/IAb+smt6wY48VMJ3iTqF3kASxQyIG0OxnzdaoGJ72jYzGmSwvfuvPbBs2U2+dBMy6qhnSWQ5XbDO+RP7NNpMScg537JU0avDXmZ8X3mFM3bgq+1M2VoG7GA2FjJLoJ3ksjKrSOkP3xrdHvNeL0O0Z9Sjk81eD9ME9j+YoIxafbid5iA5Vl1qqf8ETVqGStHexRoGJ6hRx+VVlJfrhp9DxaMugppodowocHbEJ2Yvmw1QOslqDU4XxjZJe1xiTHMwX7/0rceVCPWfKiRWupHfjyzeJbESb+47srnWUnwm17Jh1nVXYdmyqHu1xlA6vloM2wYEQLaNX7tCZx5igBPzYzCboi4CdNsMsrXenBYQ/ZsPPSwiWyfULmJJ5OI5qZpIkVxzceJVI9n77IzPDkKLSbZIVpmGr2RdIcNEpCf6ifZYp/VH5sYzhMDLoho309eGTwQ5cFNa1MmMICD2mDa6BHdMDAo7KrnJQaWw4IyOCppQEJ1aAzfkXgpNlnHkRjprriYYmjXLe9ViDsCKu849tMqwbIFyPS+9BGp6OdO4sscix17JtBPUfSHyVTwrVj7/8FVu3ptbyLq3AmGP5QyiLMZQVApQIYMmGw7oalLudfIJ0IlZ0AgkSfB8macc2w72Q/ANv5/Ct0pLcE0SyFaFErwB1JcFbqwF+XXnFVTFuJD9A6SwjNn+EvHJcdx1RNaBzcu5EXfrgWTZ6v7P1odeJIHJpvaGwQg16+EePC7/QrG1H1fX4VvK33N5q8n3L+3cMZH1m7mgVjv++IQzmwjGo0ISjFRVvnDbQ5USMjOziME2cqyNtEdYYc1jvTdMz4wqABMOI0Y3c0t0TGVREc1YRV36F81AO3U8V0xtWRlqjLVuYuQpMCs0FaZTVlN33205Xed9ZCsoBbwF4kPYzLH6d8cPX6iW9+uRADid7hI8r0gHiQjgpX5kMcD5dXRrXugsU9SMbLLaoS72B5MP1RoQpdRDamlZ/blqtQkBfq/qLnc/Espb+cJFsU9axK1QSwcIYt+h0p0KAAC0GQAAUEsDBAoACQAAAJx1cEi9YvwaHQAAABEAAAAtABwAMmJmNzczZWI0MDE4MDU0NjVmNTM5NTMzY2NkOTAyNDMuZmlsZW5hbWUudHh0VVQJAANocelWaHHpVnV4CwABBCEAAAAEIQAAAKF8LhxzcXVYRqBtj1i/Hh6FsjPUL7H8nAtShHRVUEsHCL1i/BodAAAAEQAAAFBLAQIeAxQACQAIAJx1cEhi36HSnQoAALQZAAAgABgAAAAAAAEAAACkgQAAAAAyYmY3NzNlYjQwMT
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97169-0d6c-43c4-ab35-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:57.000Z",
"modified": "2016-03-16T14:44:57.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_1b10ac.js' AND file:hashes.SHA1 = '577c887aac7a66807dde524311f8b1b7e502cdb4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97169-b300-4338-ba53-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:57.000Z",
"modified": "2016-03-16T14:44:57.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_1b10ac.js' AND file:hashes.SHA256 = 'fc28df70d52ee41ef72c3abc7ce35d7ef38a1253cb137f3d6da8461a0888184b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716a-e9ac-4cc7-b447-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:58.000Z",
"modified": "2016-03-16T14:44:58.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAJ11cEiybvZXbA0AALshAAAgABwAZjM5ODcwZTNmM2EzZTYzYzBjYTdmYTllMTAwYWI0MGJVVAkAA2px6VZqcelWdXgLAAEEIQAAAAQhAAAAm1aYhAUA8xL0FFVIeGYqroaeDwOuF16iHAFzAJxWLl83o0b/9qX/9I4N9Ok2cvKr8+MhJmHA5ncCzRb9H2ww1N0tc9eV7CU2REWm14f81wNmhRKgY5N2//2uUhrdlbCkq6MAZCpvu4fy4SvHbjlnqbQRPn8/sje5IM0hEKZU5GL7NXK/XxWe8lHinFSbwYi6dHy1f9oUM/yBzlLzuZwxquWAzT6XwODkU9DePLKom6tbiVE5OxeOhmFwF3Jg+zjN0KaVV0aEIJlbFwSKAV4xVBi3alyfQhb9ASiAZSTrsM1nLh/d01pjShepK615zbF3HUD5n4HJZqhXt1Xsy9Zk9pnNPNTX2LnXDAfpPNLoYWC8CfiuKVUwookEP+e3B4kPwEwHqtGuZa7vNTWxjEpqIY7sq7Wr3rTZVeX6jQKSmRUTwZWcNcwCDBPxhVL0wJ/xqKkiU5SKNqODrL8dXlXRhlJiK/UTQxepkYJfsecBoeJHh3PeSuSQxoALCfQnNTTdlB+64hSQ6LCn6/3IRk+woX7dGLQBi7ivWQpxQ1H43654dlDT9imjAtzD5KnuLxNUyIGR5/0p+5Q7Aycvw6wnaa4uLSnf/6bYp70jkl/cnUP2bYPCa+rkjOMRTLIkTFHIb8oAeSvHFScwTEQpmUH3MwyHzkAwVXm/fMmLNpuvsa06qiSIRZpn3+GtRXo8JllK6oNd+zukVa5kVhgypCn972SjEVXi8HnBdnBv/aVgqcaSHTUOG2S1LoOFMjAkI4ZICVqd4MkwXfeANPvuJe4OM21HnBn+NXXK976VMdhXHVuXJ/76CW7COhXizvYuo2AQkPw1PKRg3tP51cyfDeW2LZqEcFAs4fVDouixC2AtQSCgQsp3zA893NeUchCyzp8f2Z9XXWid3hEOdzHNBF9qvZwB9XgTR3ztoVtebJJt+bLKW2Hwj2IurJY2dHPsTi8rRVvaHnGQ3AefqEq7uxcKrOYsPqOzlFCh3VCA28uzuJSNKdJdmckXfY/Kp9mE+x/hwYgffVeN+2+DR4ga9y81lLOJ6oRUiOvaRQeKNrDwEtV8r9t1Swq14r0kNUHpJa6nrr2r+IWegd3p580Dy4NnESlLH7dzbOLMcCrmx9V8W6cev4/yE0K9n4viHj3CHS6H3oQxCHi1s/+YT79h4/OnWzniwAJfvLl1F86rlxg7LwGcHCtJbsgRQj9MbjYVBpL95yDwhCP65fxiCCcOP5Ylrc1vKk8B7gdpE0dKE1d7RfeZtMtOyAbhXObHvLjjj7uDngLCs3JqExv7sjTkJCrmwpVdEYOC9REacUv+skD0+0bn6U8tKIzvM2f7DyUO6T+iHe93AiSScIke2UWzEyc5Jyt26kvgCUZ6BBOhEgBgRwebJX7C9mB+QalDHmesAT3vxrCr81f/avWdz4hoZthvPtCXawEW2TR0a4zq3nbYw5rB+mDsiyr2HoxfBGwyMBIm5e5uzR8Bgsd28xbLOqyz10PUfVo1WmoEpBOUJkJojPeT1cz2c51fEzSnL1vGMb8tC6hlRwKELjxgtE3MUUsOTyP0u1TyTE02jLvgIbSjeUVL9nskUFE6Yh0QvoiKE/2acw8L5lWwr3QwdkaV4ENvdm2z9BmN25keAqhQjdOP4V6MhNJzYQlGqWA1b3qrWMqntpP0YdLVDR5CetcSN5sPRYMLX3JBW/rkzn5ZSghWRINfjg/VvaR0YjwDdsIeNhA7liduq7xrC/p4On0E3zdlDaojY1nAMgUOepSenx873HRK+HhS6Sfs5noRxAr/hWd5ReHgwuuf6WpzWttMaQJwhWKCxT6ZWelN6mO4bPSamFIBEwHSnD7u0Ctov9CFGxGsb9iGEBjZLl3A0n/EttZTo9dtdSL7mF7yXx5l1t+1IlONMxjJVAYyo0ROt2Uwjw7kIsSazXBXm8BQRPI321wQXDNeQj5KfG3AOdIkqtB50szytay4gPggIzNPPUVYMAtgRjUiVwrb46pVeVO1cDQ+PMiFT86Vyza9ratpsqm65blcyjgTzKoAGp40pIz0soMnI+H+gxnvhOk39yLauaOf2x9B8vsX7gr3iOIg04tvU2Z0i4rGZvqbWWljzEIP6qL5kJ07CCy/WevleveHoCq8U3Ov4cSE1G6+FALz18W5UrBffsKu8sMDopisKEd3f7Y04aRk9lUay7BklTe93NjL/+ExfV/Q1AZVaXaiNr1eFtPFGyEbiNVzmae81Gy9JAe1PjXP4D7/XrjMPHGROOyxEQJB78APfjgvhQaJ8XPYI9B/WqdEJl/xgO2FZCO9AxQPZibvjv4YGoxByjtYVRrTyrWRPg2O732Tc6hO7ZA/H+DBnPqJ5Wd9DoCZIpkEwuI9b+f+LcywJmp4n+T19HivWU6SYOxW1TXHoY7u3vW1a4RYwJz9XLHWVeXeaydbSz0PlsiOOEqIb3mbnDAylIFhK0rh2qOZDwPi8fRClBD2p4jCLFiMJ679sNomVjLcSuvQIEAjaMTSUflxhnTZ7Ep2D9crQ8NbHceFh/ukqxZWThrKG+lQ6ZShCzEovXt4cfpfEE9YxxPhXsjsncHTyZQKZ7U7fVFhZvCOMSILtG2pdvxxpazRJEPqVcntXJdPhHhI+2KuiSphubYOWwkEP9DwrsxYY/HcMHU0n8fJTy9R0S0PkqH3Hdv+Jnd48NhBrV6oQ8niAkjXym5Z5orfrAxuDTEy/B7yceD4TYhw49EBA8FI+bigrUVLD1ioefSKVOhKAA+eAVw1h9BAtl4V7ScUIoDfILPEqss2zNDf17kaj1scLOg6MvFNfkGVuGlHf84/HtY4CkzDu3ShB5NXTkXoK/VC6UdvjUqEYUrGdikGQTq/Ewj+NSczOytmfPCM2aKzLyuxMTmgkdxT+uRsBoNOigZoVaz81/mPKlKV81ASs3KVtBUeaNzGpX3LtZcMc7QtYDsXb3WV2LKoyY1FPl2imGLDbrNhYXgg1Yq7GDmX8Wza6RXoutXMt/3PhKgLWu50bG+9ZkRDdCxv2nBR0hjjle6X2vKoilU4pvajwMe+8pRCvcI01mxfXkByaTdvDIfToyAT/mZ3918QXucpgodsKzn7VA/ZlaHTjor1f+rxCPv9n+xyGOT4WC73SfSTXOh/l3rH802OuhUa19uFNpWF5UoEAdq8aHuKMg/zPXJybFX9udV7v69hWuGpfKZP4UhGFeApedS8spJIuoIAW7q2HIAvLgfBpq44LGf78eF8OvRYhN21wWasbvHThuynu1j0HAJi5bE4IUoIu69yC0upAMdoI4kfmMQwdEwP9b5eV8RL8C2Gt1DI0CAKlAVHvK9DXbbcUtopdB2E26iU8bazKkVbS4HIqwx12mbcBbm5MSIEigXzilF9L3M6Qq8v+u1h6MT+sf0q5CXaf5IqIiNE9i+h3lVflVxkNVhUk20UB8f77GsKGw3XsXYwJL1a9PA4TEEdnaVzqAdqT0oVGP7HDxfADiRAxzoA9moMEcSDO/Z1Q93TgL/+dQLvi7A9JZz3EkNA3C8mivBBXR2HyBcFDK/jrHThiPSCD/SLVwpAeBmmIJuAkSn0UilZlYL+ojq4c61sZkiMTGB7zxPmuckUaxNfEp5EmahCNpAUh5NGFwmAxbDmNuonFlnbgmpXBC7Q75psEHXBMiFkqvBgT6IP9VXxN7iNd2t40LL/Hihzm+9z6F1dCwrH7yUVPi2gKhv8rLAZeyXILeXglXFbYkSkw8VCVAkEYl5SBqjPlsD+c3XTMO0KHKSrdK8IphVqMJBDjAL6FB/zpJ2TEPPYfjKvDIN0x3DS9/CGc4iI8RGscEULNoaDUCCH/K8sVMeU7FLVIBSOWeL9gqd+X34F4VkMwp+OYnqpKDOJfWHDRAPwkJtKlIjG7wcTREeT87cfx60mfBtwDH8h0h88Mz
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716a-c86c-46d2-a271-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:58.000Z",
"modified": "2016-03-16T14:44:58.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_1c495e.js' AND file:hashes.SHA1 = 'ba88b52f565c0b14c8913fae17f132e2137e4ecd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716b-bbf0-4fd1-ad40-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:59.000Z",
"modified": "2016-03-16T14:44:59.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_1c495e.js' AND file:hashes.SHA256 = '91d377ee2119ab7283107dd0fb3ede3ab5650557eafc0d343e757004990f335f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716b-268c-47f5-a08e-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:44:59.000Z",
"modified": "2016-03-16T14:44:59.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKB1cEjgYDjwKw0AAOAhAAAgABwAOTAxMTllZDJjNzFkNzlkNTFkMTFiYzgyZjgzMGZjNWZVVAkAA2tx6VZrcelWdXgLAAEEIQAAAAQhAAAA5o2RFL0wUySZt/gepi2kEeumF89MvInSqRhclEAhao7BhOsqksDris+0wwrPPw/BDBnkBDx00VfWiQiMAgnNfk+l1RxCYCExuo7yJxof3vFRSNszsRVzg86FyVdfGLalMERBnl/Sw+4pyUflRZ0YA3OTmmAKNMfCl6CwrugbzGum2gHZkzMZiFYdP6FI4HsuC+1LyBkOUClYPO63ssy/DCtsItCilB9ftIqXyt0e4RN5/zQqzs3/e4d9gCehsB9eTVvlho1thVbg4zg2KvUoNinMupZJtvZsG/Bafd6NjgaAnQBnho5SyUMjZEEpbJhOlr9oKH0FCHlXqFrtcMroUYpOa7SRMgbV4L1mKsGewchjm7zNsdJpsnrbj8JYAhKEnsShww6jC6zOGYnPS+hEj34M2KaZO3YyG3/Jz7Vvk10tp26GhtmvzG1dsjhjCL22kBRBjsDE1W4MAUlR8NeDrC7LytETdksyhiMP3anNXdJMpM4KgnLS0q658yqQ7gZeCFrfOzCbbEKQ9e0jFhkIvfp1E/tIZ82l9Gt0JUChzZBrQL7RAufTasqg2cETd8TBHNEca1/rK/ey36yOh3Kly1GL21Y3FTj4fTEsG8uKHqdGGbL99P1zI6uTe7b+/Aq3W6jpykeTW7idrW+0QEJzab4UjFH5V6J1EZ0lv+K709n9krVGd9D/JbDQW/we/Xi5Q3v+s/8MsyNxVT6QArOtph7oURQpuvg4AXWITOrI5I60HycWr4Vx8br9n09ImWGvOwxuCbIEb1cf2y6ehFcpjNceh31FH6SYSwEHCYYNQ8hwNHd7adntoUTApXwC8HwEaxmCzwFbwVitWTkwd/BadMZpJri7cB/3tPwnkBqZVbbYEE453OLuzOj6yuWfkBDqxrhxudSt6Czl9bSipfulpl+k0zZ32i0RzH27CRQ1kG7Ce+5RBw602TYeArNNP90j6DnEq6IKXwlhd2+xins5KcmBkbZEBcVI/9I1H68t1HZr4Qn2vvzEqu4PKRrbaiJYTcRScOymjnA0hfebsNa4IsHXGMEGb0vJ64Ney0a3l/CjdTtkfGduXc2BDmqrEOo3rqD8r7ob2Kiu3fY2gnbyGgCEdmx+UtzdhKrDzRVHlqqCq6IMZWuAqU/L4a0wVGLqS405c/0nrbEGHXIgUt7PWJI+Q1k/Wy/koS1IeWftO2bM5aVJD/za4D3wKv+UEoWFVtT4FXHWrkcSlFi489ao0UMfyqPHEuEsXJ2bhTPtzDHGLTRQ/K+34ldXcIT4tSXMN1+yjPx+ziO7YBEOvfWW69L3xSYKkaFGLUKQ4pBTcI2Mvw7ea710sS7uqyw68U7gLgJAi95gg80VBcJHpBq6Lc3DprBQZ5C4PPJndIu2v1n31nre+cj9rbCo0GqYThpD+VsHUvxBao5JsuqDvP92aQTHaTr644VbWEZCRqqUDAK6E67AZurjDZPLBpU4CLq10sIqrAJMxU+ep+vCrkKj8EYq5p8uXbRrYquWt5EcN1FL6p+GYpfexLEiVPlGLoKjMUnp3SRK2ZGAbwTccF6LAehvZBziXgxRiS/6LbrmjqSYwbZXrXzWtpSt69esVEO8FMoZFxMrianuOI3tJ9eN6iD9tcmyUzGbTqyGX9suiuX9iPyte2wxWr6mgNX/PgxvRQ9XaBX6iEaCcox8HDSPGU+iAf0YGb5Gs+upeHO9z1spF+mjnO76usekPLNO1+eVPgk4PT5/lspBob4FQJMC5mROUeq7Pc9OET3mze/HqYpA5GbJ1R+53lO6aq3q993CMXoS1phc+ppoktOYK+kCqvtI3tFkAuRRXWgMKmp0aVXC16FRxGjtsfgj15EW7zHQ8FMXC26+aFM5UcbGsymxkn1dnx3YEtHiWxHJBWGw3l1aWzZ0235u10UubQEpRnb+z+W6NmIph198hQ+YlAo7mA+ygsFjG1ROYIWI/stZCGphUiL0CSWkC0MV0e+Yjr6r79J3DGb409kle4I2VmFCk60FSKN5DGPJ05AUbeClUBrPPh75/WNKxsEGNPeYDO7n+N7SHeo+B+Ct7DiTJUw74AvUvpaLwaym5m4p4U4SesfUEZXJzsTRIVAveV+7/CUo/wKNKPpz8h1JKfUc6dFppIP9/fxboGHZD719cSai9Qiw2n/bp3qxIu+J2jw0lYnBRF65EzfXQylsQi2gIFOAmGu35aIeWCNzAfvUn8K6IPlzCrN7z6NUuaKzA45OQBIhl33/GnwEfWXTg+0jc/H4utuUhQv5/4wrO7itzenn12NL4J/O/Z9m0HAI8GH7r63hGfwEjIIQkAo5B4vCx61Cbs4EdphvsdQm6W3bUUANBLCl+EPHfPtxZTBGfsEMdx+29hZrGPSaDe0TQPWCNPuSf15IN9tlHb1Ept/s9JE9dfjoq1B4GltWkbjp6W7vsAnBYmIFZ/xoJhO66uTlpLeABL/dRR4qvGK0BhCf82fyO3l/6UYHZdcp+9RQ5bfyM/JSb/GLg1c56oHhDKIk3zOPc5ikMOM4/nbfXDlNDVPpmR90RTYE6ILt7dJri+51UDzpHl1Rkzk+cJZwl1gyd/EPT/uPDwXYHtE1ODk9/jV2yMPDUy4Oe8xFN+YlqxNl5Es0LGCzaeJXAbQtOZlpaL2Sb9iDE83n3ik7JHMtmgW6v45NouduCTwRngedWByZrKoPYC5mecnruApuUBefGdZPf0UfVi4fKnPHckwLuk061XFKsPOwxmMW4Vb5hZ6NNztmLTQRcZ3tnig9whMT/fIHq2zR+mNL0UhdXMBQZpfxzLYOtStks3f/hZU7CVtazNgSLZwaZKRGe8ZdnpOr4/4qZqpMZiwQCgKk1RICzf2Pj1+8d6AjPrmDHduX+8pMl/mczy2uCPHbk7EbWg8eTVGla5EVQUzb/WKqQnCapSJiDa5hYz6cieGUaf1ViNFVrIfytaAhbWVxAc97eYzsWFDECrlBGfhvuv3Jeao2wVPynTTuNE6aI8kTOBlF7oFTcRsVidUtKZ5UEaQUWItEKQjpiSDQxZmG3z46dEZzckbn2BSMSigoygZS2UAxG4BrFds1nmJMsLk+ZX0+G/Vqm9KnWTA4RGsV8x3muy0UCCsj677GGJVT3KE8UqqRNofMj7EtUyA9udU2TvAHMzwvq5zstZCLqdOq8CFh5IDkZ5ZxQ+ir2rCaS0ibXGa2NICSbpI/MKQStOgUkI96sZ0b4aeFBTJrYvvT22rRuaW4DJJjXtDsHUXBC1IbYoFGX5S5SbNwWN0FUDr3LmD/tQnkCXOZGxMQ6POKL4crYFLT84QKmDFGMbFIy2BEQA2R5z3XIPQZu7OWGyZvKz20d3BkRlCqmpaWeTSL9/FLcRsaWkcS+MjS60+IECCoTEDdDPiNbAVO3cwR7J4amFZNBPWFEJ30f+3lzmzkoHlX4ijKUf9QZkeF3DAVV11ouRLI6H01CwB4nK5im3auQffDewrTBmSx+ts7JovYS2j3/D6sfDf71RpHSz4ZqZue7IOZ6pncGTpE8ebs2pwQEitPNJYszMMgvYllS4VCrHUV8oKjqtJDihYbPnQOihjnKkDqh7qGhnyI+Aje9jLy2cUicI1aECDUKNxlDol5oaIKiTQvA+uTnyzVyzMvqgQEk7WdUqHhZBNkNrVplx5FkNG9i27ziHjPRgsI0+mQCq80OXwSdHriWMPMuFuF4Xj3q9HGeBWnxT2Qp5yvK6EaRmS6PDnL/EQvt12st/5Rgy9q5MHeKX1EMBMddeLtisybw41V+sZk3fMxzhHScg1oNPi4o8pYfzDZ13At6GPhtRkus06Xhu0jdwmgX35BuH6eyqPQNGs/AxVJmHxtBjQPP5ygpkyFlwTqmJnDvsVR7kfTEYmDZxbsGQ0iUYdnxtS4zZ9FNl1SuE6QlspYrIPLaJQyAq
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:44:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716c-2780-4fa6-bb5c-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:00.000Z",
"modified": "2016-03-16T14:45:00.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2c331.js' AND file:hashes.SHA1 = '24338a00f4563e06e1791fe51622e23587de7c06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716d-b0b0-41a6-9546-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:01.000Z",
"modified": "2016-03-16T14:45:01.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2c331.js' AND file:hashes.SHA256 = '261ce0cec0faf247d00bc1c8866c7a25dd037ee2687980577eb3c326c236f3e1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716d-2060-4513-8a65-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:01.000Z",
"modified": "2016-03-16T14:45:01.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKF1cEigjXxYRg0AACMhAAAgABwAY2ZlOTAzNjBkNzEzMTQ1YTUxYmYwNDU0MDhmYzEzMjlVVAkAA21x6VZtcelWdXgLAAEEIQAAAAQhAAAA3dRVk44TXwfJ/L9bmhxZ/073tJNqZCuXgWXnfg6Asl9qis5C7QkgdIKGtREh6VSmENvUBMDziiXCzsEX1+H8YJ6otR4gDx81wezO4DTZUDo5LDRz1lGHoK/H8k+/gaBA7Y3Liy1D0yfjBr72UNfVTvQ5QtESMJNBy2tZW5fcQ5Ef9S5oP1OIrSVnwmO7x46DUp9IT/R54e1dUG8um7yDGSttzekuMyUaN/bGEmwTH5TIetGWGhIVXUUF/Lvr7akEboB+LEFJbfOs1K/SeR48lxZXhfvqYNm6FMZXBsPTiRR1O720Ze/nUPZJBVXEQtOeg88Yz3Fuy6cF8TbPI7RqIziGxeglUNR3dxAsCFZwng4IMa13JQrZ0nG9RKrg9xOSXhSB8qZKpyhllqxID+cl6N+Fcyjq7OECUlf+/JE6V+sBEhtOaCBC1MZZLYs/YTSkJuMMadRq2U+jxbW7EDoMaeBdnCADPVLRunlfQ2T11VJGzUXBHXoB6cwTtzIm7czu6mTePzZJ/NRiNU8gyOmJviwWUNk9UvTidTHfn7X+POlrfX4GbM0RFbQKVNdFSPS92p+NYv0B2uiOwuhQhodluLA4y5408a5FTI67OfmWBSQucn2XvMcY4ixw1pGGlhBIi0nokYSjkaoQpG7gu6wC/AQcxXKSQ6WObK1PS81II67s2sUr8O9uAI1NVcmyJufypv1SMjGVD0W8ZS25n8N29RnpKMnY7PmorjKePRGPdD2SOtZkNo2kPcUD2nsU86uV9fdxurySfIHibJ87yYSNkSh8Emi6Tl2/xcVYngEWlNvPWnlrD7OlJJYq5xSfb8Y+VrtaD1VAw+A2Huv7TxSHf7vdQiR/pptdxgXRrU4+O2ExrK7od9Ps3doUhT98hbh3roNdUL2fwwRQuY3DEWDXNseZP6mofNCdFFFO2hm0ZnRDaNxyrMooIaAQFUYIcegJaTSU5QgnVwFLL6W5uLKeiYyKvN8Oh6zg17SVHFx+PBjX1z+/rMJ8L7CANSHeF/nCzVUdPj7+BVMJFcA6/WivO+t9hgDGN+kcVfz1LWrO5gXBtwyUpcjJMb8jsaff/rO1U+Tz820anOGuVNeGbehFnA1mr+WAOBK6CwqXIG7Iq9ejxnErL/FrBdsjBwYWv9rEEwqR9wB+zMBkwhoTYuHF4klmVFVfyOZpL9/lM7YCwkIc1OoZ2dxvDVIZch7KpZNV/5TIIRuqE71rwz1YBjyifs9/VL/xQB/WClH9f6H8/SVHdqdyp5rYk/a+XDoP4hZ0WAxqTKC6JUNKmTAS8xWxP8hNa1Q0FDhHNsqdTPifMgjubBarZhBlvks4o/F8oKqWknD3AX/g20p/plURwt8vcARdxo8t0rHWdBIOCGeWahn8dc1uzCznfkfXtzT4W1O3d32mzcRSgSbE/czlA1D2gaUDrn9wdwkSbHv8qZjZONRhF+vZDJEG58WLYiSl1TgQNVWfBM5FVOY9yovWybUXfcFPUQ1uNhluBH/d9ljr/sLHadWrws9EOLRXvNYL4YTP33eaUfxlwLwxXEc9GGhGyqt2FsI5MV/+K5wn6lcZqXFOZSBcAexI/5K4cIynfmw4nqDvKkL5WFh8id6EAT0EtMBBsJKVHbv3n0RU+QRZ1Qim5Y5KW4lYsUDqP9TmYQm3tTDGDu0DLeLk4tb0awtIzLhaaoJ67LQwZ/dLXebzdTU/9XBCxSrPza9jwOtx7j3S4u52ovOulzT1ZK3L4B5tiFcLnKnPW1FmaMRO1zaIKurGZ5hUibFTMH6r/Dilx/ZDtDgLUphUKfPrYFy2Z1gx0Psq6BDIO5PTu4bzTKqob5fICVDq9fuU3/ZNwJ/Vhv70GHqNrbGtN8wVmFhlJahvzpcyVcbv2T4sjLGH2WzT4WWoonvadIcT0ULsUGC48y91NcVhIkkqEPxPJrPYQ5Mch9cTG0xb3sJpO/YksXlfNU7xmbPg21sA8ZD+tIX52Mb/nZ3KNIV7biP2WT3qjywjrnlOz+cec/FMupHgpKutus8SNs9v7+Ge/SZGpUcns1MTYzmJEBk/iAu9GjhBwivEd0xF+8J5k7q4Mv0w1rlNxaxCX5bR7XifuKpi9zieUdDLTQJBWGHE/dikbU5SsCT5frxp0VI+yv4a6E6lL3f8eZcFU6kndG4I+3BWr2acga6K1BYH/rs6uB5FQ/gc13O13IU0D0uL1wixzfWhTSaDzsVjz179fsVeeeykUC+QRvYwH5W9lgRfFMi2i1dZ6S8dIC9wKMsK1S9s88t3pKChLK1NVMtAFj/FbzQO67AhGod6YMYKs8m+eCMjp3OH/Twi9ktA/KdO+IZ6gWF9Q6vWWs+MHZv7nBs8jWb6O/JHDa7abT5Zlc+GdThvtrS3y3HJMA+V2/0/m+iQwTqMOdgkoH5mZzc9oDTsae0ZoTRABggBZSjSveh6XCkfov+A4u3uI4a8MIrxpLp9g0MUYX4SJr5GorQcP2hg/1cnNiPFVED8lGB3OHB6ib8mglQtRBbGF/3IEWSMhtr6EN+WE8SezNUv6mtF4hrbz4k4XcSRo2agrxGtiGpYYGbimLhvveDFusBhA89tpxqsgvHs3Fqh46J1NG/8brMtzAyMviufgSDZGpVxwlq//lavqaWS4PGoZPYHMzNAMDguCP1KC3xK6iReiyG3Wsx2KOwE5v0JfTwAZIwMl3Jy9bmQRBUNGw+itNwICJUFteWrR3NDaXlybjhpf6wYr1o/tGDS8feKfAbJbhrHerRc1cWsvMflejL+smEcxTO6oD3AvWWSMGVucwoKIkH0ZXuR4y/U2liTstltwK62q/uDG/FFKQEyua2zygouJYhhLHVl0xZTohI9cpSB1GYdjWpwHaAYEiYRTGEH6AJEGbtKn3DpKj7cCS7LF10kH/2TugrciEdhVQYOn/tvQeJvvcYQ4qK/8SeY6A+lafbA5dQCtmVAhPJjfT0skjfemVaNniMxfumfEsGS8ArYRzdRRXpSSVfGBknTZ4NbFiSRCXs0C8ouOd8c8atDTSmkGLSwHwDw1ad8SaLC7+m+8OapjEf5UvX2pfd1O6NIR5UWKNvvoaT/Xp0ihh0SIyY/Gll2OdE6/zCeoaEzodO4slzcT6qFV1qe77v2EIKY49kvNDBCYPutnTaA/mBlej7K2nbGAWqo2+kGib3e1OwxOMUdX+msmSaYZ1OAG6kk94g53N4lnhxVSGTKPu2HnuRJTvDOEjYngG4vZ95NCz44vkO6XHbcdzKAorSGjhKqPjxoXvwGBDe2bkHmNDCF+BOsviE2Ap1/ZnN62CD0ZC9FFMRl2g0cIoVbxuAbDEtIYaqsCvdCo4vNiMtwMGfvpMkNiUA63oBpUkzOSmuoLLRAjnCI5pCV6j1cKVQC0u/4/Upiv4+r3plHWHyZlZy3a4sr22pEx5SHNRPKinsqgvLjNPKlbiy/g1k7yDIIJN/Mjo6B4x4oNtD434UNfNEWxnnNsvbDY24xM/UkND2QbllOE2IIYp4Ijgt7WAPFDpu2ZQoPbpvRsR3Kcg9VYvv+q9LbPe/Cr/rYUyq5ik3da4UnEILzfGyWr/i7dYAySA6leqDsJG47CA1SYKgpWJgNkocOMQ32xWVPzYHArunOItToCf/7I3+dtqAyQN1toYtOjMaSCUhV6HY+W/491GyhfSUVd3koehF2eU2dgBnrZ6dS/M0fMs3abhWgkpIug4QGKCWdMqtHH4TmLM0VKp1nHoE+kYkEySNDBsgSUJ8uaxoBZQj5AzsNqthUf0WEReBZ0PpnhNGFzWa5A1FJXJt+zPS0/nkGprrp6iWJCCmqjU9Qm8Rw0tYsVBCvmsYC0zO7NbvJpGSuEgnLUAhxhFiwWSrPgBjn5Vr39et5b3tmq9mCaKP/xmTQdUEMSYkmccevxPz+OG8RF2QGJQ
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716e-bc28-45e9-97a0-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:02.000Z",
"modified": "2016-03-16T14:45:02.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2e542.js' AND file:hashes.SHA1 = 'ac00650f6886b34aa0619c78ccf952db86b22e14']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716e-d21c-45ac-8a51-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:02.000Z",
"modified": "2016-03-16T14:45:02.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2e542.js' AND file:hashes.SHA256 = '602b4084ec641e7c6145a5bb2065b7aa40fa2fa3ee677a495fc85b5b1063772f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9716f-9040-4070-8555-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:03.000Z",
"modified": "2016-03-16T14:45:03.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKJ1cEizr3vFrwkAAGcXAAAgABwAZmMwM2M0ZTdlZjRiNGMzY2I5MmEzN2FkOTU4NDI5ZjJVVAkAA29x6VZvcelWdXgLAAEEIQAAAAQhAAAAIladKC1ii4Cbg/6BRKafyiwSRouHyCERRG/zacP3LznEzNsnI/FOdlhSfDBxk1yceKH3x6DTJG+mu0eMDWE1dL1i5Tf4ANHbGj2vUUM8+MY8FUsSMExcRMIXo4AT33qMlHLbHb4E2ajyS6w905qDhckBYjIlMfw8vp1fwfjv1DR1ugMUzHBn8YUJRi0AmTdmr/ze2lgghCkPFe2KLDIFnFuFXmSkp+45itb1yKrwDbPTeDiJdBjIWO3iCQtsPhYRqMGZ5GOjEnwn00VKqf0nfPMBSOy+oiFTgeNZFY6Bsv60RqHk6PKS3NeJ7yj00nL++G1U1pbt6r3BM/k/GYDifLARHOHj2tPQ9TJusuQuJwAAz5mI/eZWJHewN3B8lp8WiQRhx72lzOcaJwBkzG9anQBDFcz5P5LFRD4H2dMYtJbsRrh9QYHe1MJy9H03F6+hyibJCD7NCSuhjq/eceIWFyBaPYx1bxFYCGxvuDeBBI6RJQQukQOyPPHk/+eJXkQjIB8gL/ZVPqXUZdd7KcAv9UCuu+2GCHVx/CR9bYji6dL5aKZDKwvdOe4IEvEIQfA0UkSsH5ktH2nddRK/J8WIwRxOsYE9iStIea4/KKLoKAavQ6pnw3lqKfPB0AgNKnUfwAZHYWJQKNx4mHOIiglC3mys5DtpuwKDiZoRzZcaseca4lEeO4JXu2JeEBgWtKtl3zP0ec6q+fTKOxsAeeROXoUJj6NLboHiKqi/dhj7w+TLwAhRMn0SLrycMtzRGSNaS2upkOUHlgdStsqZS4SkVin4T4sRVzfWnCAUkSlIKrF7Uyp81DTZY5gG919lvg6v1GX0fmkrz6lVcxQxKEe005BYYxo68x2nDTFhZ673Qmt3QiEEi192GJezCLxC2G+cQFcPk1/3dC9lGZfC5eyXjq5+j6UM2G18RP9gFefq7S5JvkWcUe0IJsd2+6LGQz74bDRlU9lZFWVVqXcmt4zb+Efkr1lkYoQgBFdTj8PKsyTlxd00HbBL/cpuXoN4C7uEfXgJHMuJ6+TfOeeSiyzv51/yF3yvwz+KhBRCrsnaU0zb0mGy3OgD9Dd8vw0/3gD9L5ZjMieZSbD5QZqWt27gGcgzp4SpNyW3ddMtKRh/FSAwo6vAQdagRMKiwJBkNWjZ6ZOi34ehnNKyFwymndwQssWtss3k8xqjCYN8P2ky8xESVGUBfoqPNYMdTP86h348r+3b6tJzLMBxAsp408kQQGNn6fDBygKKqtva/ALL2F6g0Vbq9oemvTViEF4t1yOZd9U1HPDsmPNgMkg/aQYDHQtK0qp/WLe5yyhKN6zX54ff0h0hmj32/UmZO54XJA9S8hxXKzEasAfLBsgc2u/uZOcKq3jH144U5xM6Usw13OBjrWcKJRh+upg9lbGwtcYjvbytdGpfEICqie+9WiuMhEFGpjmFD/4fxFRDQ4cjJh6pB2h1m/aI+mqnmZPjOQfDRANrQUf9NMmOTO2vL5Lu18ESHlICKWWU58ix43oZ8AkK3bh2oKC3YzsVxhxo/JZJVzyaV4xTGitV/2BHsTovpg36ggvB9y8mX7huLyZTIqdyKmqX80HAMEApsSmKrtcGDd57FM0xuxxYifo8I/kdZbBZDXPpf4wAA5fOQRJbbtLJ8GI7F4ZK9HJwFiR54NOcORArebKxPEO/fJbvsu6lfYL6Ct9BTcHMHZ+v8Pk8YLZXPMwn2eLMXendK3NaP5HbqWIMlIeT3XRZA3tRNeat0xXw82h3O/wCDcK8Ysf/i3sMR5FO0kYyYd5qFkmvk4li/AWbVceVNfUI6shkQkIXhkaehACyXlXnmUoTHI9FgNBCo4xRwTT7M/pDLq/kIktWW1UiAgD2KzcxKUdBTvxpvSESyu60mKZMeIGmUolAmCJ8mNxIZ8Bh73P97aAZf3AMxzWRXbPrqB/kP0jMeWIG5UcloB8OFZ7Nf4pGsfLccj/MtJ0hticRLxHS9cDSTjKqcGeJOx72sHTTF6sGrmfNX0bcPHhji9pYuQLskWkv/k+EpFIf+a/ygXXmyu2ZOFtOTRA34+Kk58oclm8JjfnYUhWRn8WH0cxsSjTwuPBQTfbPVMO5Zbr1/oHihJT76KzfUEjwUMXeh4IAepmpI4+raG1QOU7hNY2pliMGRsDEPb+JUw1ae2quQ05erHjpL9XBv+H2i2WUN+9PGq/9rLkgNkzf3n2CCMw+CrDqvzYvEm+hooCie/Q6XPSNTA4yR/Yy2b/QaHaSEkd7VbkzfqBPpyzWHMnxLCjwrmRnAdOEzZ4tKlhn0R+dya4W/oRYlIIFQX2FJISW4zGyZYA8xxWkhCXIRU6zrTTWK8JcFQyO8ahujafwy0Ww6DivFFhuxfBKw6Ny7yPC/UKOCK90p93dV7D3UsSvCrv0umCumEHMTnjAesjHGNKAmVBGRoWw7jI78vwMQHHIi7MBdLaxOXquHtyl1fOui1luyPbbaH+ahIz6BS6LYGliZKqI/JkOIqf6yYM8E9bU3OM37VlLkPsG/j4wkETNv+IwGNS8vbsdw2v6IoeGUQszSOhQpfroocyD9FqupHUOr9HpF0HdJ6z6SrWnrQFMQC7iPMvH6XCSYii7HV6kcBmUyvs1dga9guwo7K3nkAYBHh4K1sLBFdSQ+mNM238mNoqVP2wwD6J3F00ZoU3Z8t6VqDtIT+sWkdyX8A9hv3qELBLl2+jPvMtdj0tI2qmoymygz9f9Xbtjx+UiwtjeONs/hBGch1u+VUpjTEsWHNYQQOvG2CPUW8IAAAWxPgeONw0qC8SfVdfbRVW7kIIiSqiTckbXKcBTAkpEPD0CSH47dly+wmzocbtmUK4j1AHLKwNJuNkjoam7R0iJLOzMnPabGfb4OckPZSOMqWsnToAwW5tMvx5Q/Yzkhg73nHNWX0bbOQXMXKXh1CaOZ0yHn7OKYVbQwJoRTptYHWlQTunikmMItmauirCy8XXIgHne1AxLlyYK+1LhOACgE07CiFFUM1pJmV8GYQqv9eM9iq1cAXiqH3CRxNjjfZHat8T98IKA/DMNGG1tfLVJBJutcAxzzeDSZ237Fqj874M4jHWEfxetfeXXx1Mv+QAnOssFr+UD++4c76vDHITDd22L9FR3mbUdvpYrp1/IR4gF34cdk+KGkTa/hZwW7RqOY4Q96ztZZKcjvcX6313PyEr4Of0aubtjeZqyAvQQNifrSMo338TjTs967H3/ZAhQbY5ESI6Qd7S4hXcuo1Cew3nxr3jhMqwOpIOOddoUWp0NfDEqzaiwIyJZab5fCnvGxMI+WIHROh/FG6Zz/1BLBwizr3vFrwkAAGcXAABQSwMECgAJAAAAonVwSLcIbo4cAAAAEAAAAC0AHABmYzAzYzRlN2VmNGI0YzNjYjkyYTM3YWQ5NTg0MjlmMi5maWxlbmFtZS50eHRVVAkAA29x6VZvcelWdXgLAAEEIQAAAAQhAAAAjs3MQgge06vH0dFX0ol669XItXnjjB0PgxRtmVBLBwi3CG6OHAAAABAAAABQSwECHgMUAAkACACidXBIs697xa8JAABnFwAAIAAYAAAAAAABAAAApIEAAAAAZmMwM2M0ZTdlZjRiNGMzY2I5MmEzN2FkOTU4NDI5ZjJVVAUAA29x6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACidXBItwhujhwAAAAQAAAALQAYAAAAAAABAAAApIEZCgAAZmMwM2M0ZTdlZjRiNGMzY2I5MmEzN2FkOTU4NDI5ZjIuZmlsZW5hbWUudHh0VVQFAANvcelWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAKwKAAAAAA==' AND file:name = 'billing_3ad0a.js' AND file:hashes.MD5 = 'fc03c4e7ef4b4c
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97170-07c0-4e9b-925f-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:04.000Z",
"modified": "2016-03-16T14:45:04.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_3ad0a.js' AND file:hashes.SHA1 = 'd5e8c26c8b9f8fa0cddda9f3b25b4f4a76b71d09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97170-8e20-4d97-8cfb-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:04.000Z",
"modified": "2016-03-16T14:45:04.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_3ad0a.js' AND file:hashes.SHA256 = '34a0167c1038006c46bbbf56bfd9ece8a6f9ade8495d54251f9b31eeaef1c881']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97171-ce3c-4816-90b5-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:05.000Z",
"modified": "2016-03-16T14:45:05.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKN1cEg5ylyhlgkAAAAXAAAgABwAMTRhMThmNzZjNGMyMDgwMjg2OGQ2Mjg4ODkzY2RmMjdVVAkAA3Fx6VZxcelWdXgLAAEEIQAAAAQhAAAAPG2buCdT2s1iab9EQqBZ3fV0Ln7h2v+AYEW/aS04j8H3hh9KTlqboVToUGB1EpKYT8SBQsBeQUnIN5MxxWhB8/SECWndFnwImZ6NNk9N4kZHJL+YVX2vedMJDbtzBb1tyPmXOXqwuvAEmyfNXyNygWbeolDkRxOqWUXQSlG7ZqzeJIK/nULeC9bbqkxjfqqiY5Ba17AGmW7ui5QfxescM5oT6n9G1JeeeRd6Llwp1XK/W+N0TX6nlhTuulFGrp2U9nmFdJX3pW108B9v7s7q3HakSTFIs6heaFvy0KNeG8foTTQT7EpC21sIhz11LEFXlJa2b1pfmGocCRALLUTknE1D6wraQVTazN80FHfaeH3BEQZ68vdkpoHvYCJXYSq0BSwMrNAsmIi594VSHStgglSxlRwN3QpipqIAnRhgQbvMslSpmxzGAkOgITqLWQMZZbIIJBa7weSG2RHTeowTM3bmvpx8uml2FkNkzB5ycnGV1gO3q3XkL2plr4TRurVtA0zJP/FO4JU9snFfgjEjnGyrxOlIgZjihGNvrut5rOab+wDFFQEtYrz5nRjW5dB7maQ0+rFi257lVyL0UkbSgfpY2mOt6RZ1DN7GqHGvHvmr1dGp3hhinLAmCj8wZyd+C47VsDK3raxzeoAOOarGgRcOY6c/84+VA9a/5GSo42HrDJiEqHlT/KVa4YfCAKFtFRbnvBLMawS3dAEUNUlZli9RkWW6rxbLAZbRE6miAVSKluC6opPKUs/fjCUrpu3rjuKZ7kdx0dZvLO2J8Z3W1uAYsqMFZM/RG3Nio7gevn1IVsomoNHe+6oPiQ8zYc/MIwHCL1Q1vpbEmIwVIAAtIKyar80sKwbuk8K/Sx2/N+c7eWls3gQA/2QMqQ5Rhyt8xIW8ZIvmuqYg0BMCEKTgVRUU2kx1Y5cDaEV3oSjvJTv74yBaTwo+hUtuMl9XnvC0q0sQAb1SdaChlZDFUq4Uwcs+aMdgRaVmT5hm6T2nzu89Yvwe14Z0EP366cn4ChO+nMGMpqiqBPOB1WC3kXgEXWvPyCVNPIPrm+PDfMNvpmaV0JpIepkWhSjYhT+QCcdeOLI/sYbcY9AmYSxLOA1Qj5AwG0V3FhA1xS6/BYkw99m65ROqrplqBAfE6ve4j8y8BzwxJax89Cx/dHiikPdS+rqDzwhuXF+hkXvUeCP94fhVpNFKGjDDWyUzVjQJIN4TYkoEodFXeevEE5CvcCCaV8XjNWW93ioh9Cr2HJLDoS3fvJ+/ylstYyVQf5Y2ZlblmfmJT1sf1MoU/dIpJYXSduo7ypuekmsm53HZ5AtJjsKNnxxg/s92oy4Wp96mR2q1dYlcFfuYLSxRcF7dE7yZfG+taiiC/NzQghd8g0UW0knd8zXcGgigkmEgAM5nv2w0zgdIjz/oAar4pkNIX3m/43V/NZ3lGTqgA1/HXP3naqRKFQO7gw+Sk9X/e7MtMxk99afhgIoGWTq8tr5XwGUuhBgsIc2Hbqqy9Pu//jzsjr4udHCvsVmkVGBBR6u2fnpI11zdGk2C4BeJWkXPCMbuCpRM6zJqCANIFUecEyvbOl0ye0aQx16KFj6ObLzhyLoTypW0zhiDxW59VZpNrS5QwP4i1UqS7i5DL/pauA7StO7K2rFdYcazjbJ/RUf9sDMNV4Iyp2Gc6wgHjYacoAj9da1rp8x+xSv+dEzIUlT8RuNz5Wucv8HttElkVXMYWVnQ0dYrU6IjPudmCAVGS4q5aK5yueM47OIhNrTMsilqsnm8FZD1MJKRnH7Szb9SIHNfk/ZF30hZSpRgdRbBzCOKJyeFUzbD35o8ta7gLZernJSbGU8gsnYGLLqRmWtt+Q9jwYD1rYuDCLQnJsxsIXSSe1/MBQPwK6P2gIJbALLv0VkUoLuMx0B6gFDzKyG/5tA+iG/WXvMHyDsVJalRbXbbx7yC9WgGbnz/+hR39462ALLpnsr1XjtNDE+1rgHCXi/14IZFcBWwnbqpLO6ycLHpZNrr7xjnoEJW68kbCYaMxgjYq5pwb1QBe9Bf3m4xqBNmgX9nhbql/PRuip0avMdPXoCy4/NiCgroOk7DVaQwXRJbBc/P55AzlcZKit/IePDnOlPp/MiVQ1nOZ3R/hsPeWWP9QsCqV5W0mTKDi9ISJ83Rine9+J4ZK7MVfA9FBY8rvltUrRQfPX1v5yeFFoaJkAui6AcQm/Clm8QdgSm/UMeHajoPQsvgzxh28CG5uUdm10zputULwJCKgSrLmjqoDcpjZj+9Tetngjs2mKCMIuXj2HrKirkUVjvsjHPwTU6gLnxCdqMn+TI0ZGQxJZSlcZkGmmE5rbZxCm9D0SkNoPSDkWMbGqgGPiHwMkYcbsaQaGFMar7jJoH4JtBlfErIghTHpHVxXwuoS6i/77WIgbqaDJ0lq+We5txJrG5f8RiWyi4kOSy3Ps1pHew2IOAAke/yoHSJqynJXh1tKExX1mGrqadZkxbiLN0KQqlUS6f+zRckZPb3jq9UzOxNs828yxj7DzaHtyi18ZFYQBpH+omq4QhXeh2/dgdqmhEZoUOirLm8ThLQowvs2HfVsQCLpiuzkAVTiNPyRQME3COw+FloamlPcgCxDNcHV8s9R+tYv/lQX2PbwLGIaGsMvs0bCUocvHjbQ3xsdLyXjYkZ/AW0nmRHdgG4xwd3favHOVrqFIk6kYVUXzUxHyrrYJQ0g+JqdsrILNRr6QrxKtsdfQdgl9kKda3Vj5UkjeDQuVIw68Z5+R30K3zw73tj93ZhPxl22xVsComOH3XVu6yq9n4otTChJ803lBY/09gzQfqfewlJTNna1WJLAos+BWSPoKTkDrjYXhEmSxpg1lDEMKouQLyXuzgIsuC90TJayQLhf9HXZjGF7RVKV4KdlG+uLLSFWrQDSIdBu99hm5Ee+4cNwC8CNiXbZ3xOVK+EnJTtsxSp8QbK1dYLzhR/fohpwOPXSv/0TUXf3qEYoTY78HvbS1URB7nYQ8exVMvrF5aXu4r4wlo4zjk1LclRrgnpI7XlCSzntRIGTxhkyH55xDE+oa/qP34PDwdV0dm5Ue+ysLrpthlmlX7V81L1XJmi/EqlIJ+bDFjnt+u0vaZTrmVupJvZM1i3AV92sDSNjKXI/Sx2hopfHfzlNXoE/D69Ns4enPsJ6H8fq/ZNS924+R3iD0LVZr+co5oysT2GmrDKbMMAGmm7+DyS7AX/oGsoZMk9b9ymTqKcxCtBgL3zoWIRAMNPUpGe9vjuCqRUPCf2YojUDSAnUEsHCDnKXKGWCQAAABcAAFBLAwQKAAkAAACjdXBIzasRXh4AAAASAAAALQAcADE0YTE4Zjc2YzRjMjA4MDI4NjhkNjI4ODg5M2NkZjI3LmZpbGVuYW1lLnR4dFVUCQADcXHpVnFx6VZ1eAsAAQQhAAAABCEAAAC6tPMee8UBvblsJsNeyJz+fNpr5WRj90Lc/K4qEBhQSwcIzasRXh4AAAASAAAAUEsBAh4DFAAJAAgAo3VwSDnKXKGWCQAAABcAACAAGAAAAAAAAQAAAKSBAAAAADE0YTE4Zjc2YzRjMjA4MDI4NjhkNjI4ODg5M2NkZjI3VVQFAANxcelWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAo3VwSM2rEV4eAAAAEgAAAC0AGAAAAAAAAQAAAKSBAAoAADE0YTE4Zjc2YzRjMjA4MDI4NjhkNjI4ODg5M2NkZjI3LmZpbGVuYW1lLnR4dFVUBQADcXHpVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAACVCgAAAAA=' AND file:name = 'billing_4b9447e.js' AND file:hashes.MD5 = '14a18f76c4c20802868d6288893cdf27' AND file:c
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97172-1370-4838-9ce7-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:06.000Z",
"modified": "2016-03-16T14:45:06.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_4b9447e.js' AND file:hashes.SHA1 = '1f491703ca54b323c8039b7c23ffb32df59b1ad1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97172-a268-4468-b52b-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:06.000Z",
"modified": "2016-03-16T14:45:06.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_4b9447e.js' AND file:hashes.SHA256 = '381419177455ac798ee039919067709905c74ebfbb024bc64661441245b021c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97173-08dc-4be7-888c-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:07.000Z",
"modified": "2016-03-16T14:45:07.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKR1cEhcifFb5QkAAEMYAAAgABwAZGMwMmM5ZThjYzAwOTI0OWU0MDg4OWQ1NGFmZjM3NjdVVAkAA3Nx6VZzcelWdXgLAAEEIQAAAAQhAAAAyHMwMRC7MHNdNAu3YYl7nerQ5JrKOqNOIE+DnK5oP1af+B/TJRt+ZZtKTb7U6/s6CltWwFj8TjsbEvSusQ81aMRXxGHmiXCEhNWDJpqDxPMe6cZspdGWgC3FQrnQjT6OCToXPQz6ghIxTGWTI63Zq0QK8XaN1N3BKNIqYEx2Lqmk3oiuWRqoyOMw4s/RQLVGxY/+x81OZWHAQwoDuGCZjKuwZDLOpY68ZTygHUfuts9V9eVIyZMpdhZGhfFU9YAiyhYe6tbsDT6PmZWzop2jSfd/Gqh9wnIMTJK/Vyp7aUIAEJB2D25iddevSCnJinBSo9FwzPc+lYcBLhlXQ5bMnI9e2AGrsbjGZmbjK2//ScEdV0Br8yBpXhshVVmNMXUb/92vJ69m6pzxSlLuCad87nt5wmNBKw404VlasejbU07t2iJHKY/8W1wFisPcccJW5FW00SmxEsgSNwqSALs35QqQ5W9Wwzqao3TucIqE++/H2XAJ2IhrQKD+MmutAPbql2vIy79isZHEIwmUSIlhKH5bK0XenOxWxMqZlh6micTMh8x8GbeOTp+Fi9pdm0KIXN3OVRizcAj7/QYElU1TecqoKODk5dErXnFzVdZea1XRTQGDnc/7kJeyqO0fqTPGfkVfW7pISaELI5fZ9TSbz1UgRy6od8A4VfivvET6jSb8QnE3RkGnK4TcfQLKHBqtb5NtbNryiC3jB5LGubnZQ7D3PNgnOZcHv++TfZxHoAZgd8s38BT+B0sBKg4pfIOiYkXWS/rcy51c1zgUZF0tVt6A5Zv5gIKOeDUG7lMN/N1F67VZtBKMh2IUJoh9+Qn13RDY2yEG9kjWTziDMj8mm33mhe4h9t9k2cXYVMQf8d9yUJFM4CmCDaTo1r9otP7KP0ZeAxxyZC6Yn+HGfGbx0hj6sXoVwTaUfqQJL1/xqJgH0POb3WDzdbXSkjOpMvHEpauAtCf8rYfRlCHrOOHjE7T+EUTClkH1Kcuhlh6fST0ZNqAhgYJHKM7bs5XBazDKDzr2qIY3DcUsnq3amGYqi8jCTR9xZk5rT0F2LWHc8N7zQKi0ZPEAu7I3xgv9nmZrq4zcu3JO+Y8EOXg2t8DBIsegkNVp5JmeXNZtkqWMOhAbRKtu3jNVV0WBMMhs7YeEf1x9u7ooXuzKOMjLPWz96qalFAJ+KVM+8m4W3skGurgggmpxH73DmLS7VN9XjXqJOZJR9snKKrIYqjsj9lBlV4OU8yMm8BIkutcFt1nnavla9fWpO1P32o9dwh104NTZY0Gv9eAuDkVQZaVNCt+FA2tUeCMs7LluKzOeXH0WkVfWp1mrhRf47izFuLh7zakhuP2e4FOV9cBGtAjUJ6ICsSv/dKY3H9QsgdW/uXhVU+O327tsfRfV176e2mff+zHzfif5zOk9yvJDiRL6khYBYmsP9WHbhraiOOFcJD0zMy+o+icCZM8sDKlWUIBKl6STZHwUeyYRMrPfFHL4UB5MhtgTr7ru5xzlgLomWowtYj3rEpJzL0i9n2VHJjLdT/z4Lx0B48TJZLGvMxZhzfEy9kyt7ebT1pl7+CpXCO+cXnNB4EA3tAryx0CtUnFtz5j6armjg1WlKQOOkncBNxBM2fIhZrwpGzW+P3EICf4/hnvnbloN1Lgzb0LfGEaQoO9jjXWVUgY59cggKKgGOnrnlmkc1c1RPN7N6+PRanJRxQftiPI2pn2swaq3mVPAsft6g8BfmBUO2HbrsZnh/UzK7ud1v8d0Z9AlaYf4aNWJISGS/5AS4DzyGMlFHYM5w2H/5gM80ZT0mrQQ8QOOKult6/6HTf1+QCbS6qk/tKnRMHcQmGWL+47RYcrdNNyfeFKchhsGY+vLVdJT35JD8uHaKZypVrWD1Ui5wVMCD+03SrfgzUbGjTRBGd4qULiAAf+SWmRp22CKlsYfucsvxSUOFBKYBSvrAdlFGKOy6+mmInlQjCOdE/dbc9XpBr4T/D9s+4yZ+N3zzq2Ft4pAuCazBUnefhR/5V1wLIS9KtlLZuOaKTegPDQcHIKLDUn2LLoNT4W95ZL8Jo+qGrNMTk7WcO1uO+6aehGcnHh/qlutABM6a+bu02Qjgl0vwT4bxT19FPtl54Pd95spyQmCtExX4SMOTkhvldJvkiZJmT1+ycMoW4QK0e9hg9CfTz9kLTXdRomfoCIHRt0bFFIDnVoP2Tu9ay69TmcF4HzE8diuy+PkqeXiaWgMv3YpovveGyyvs+0TRWoBxFzuygY/dLl2VXTmMIjPMc1LrnzX4gKT2sgp51ezrFpuOEgf91z2s3brWk3J6H5o9aba22K9MH7MrllPCxiX8rlzYsiJHTu9/l2cIE/y1XEtCqx96mQihvf16dA6RX7BcqCQLwkWyZZF2hxtuMU/gy+Fpcb6mzN+ngbImPUD5NqzuoNI2wXq0hrRP/FuZTapobXb4QOFRtUsYEEF1MN3NlrZai7ZPsEPl3DzkwiZfKzwBo1FXST11kwfsdL+z4fJJ0rmyUxSYEytaF2xb1VtCtYXbJGyMZCXlRFrpLZrAm/wmD/U1llmFyajVFYDWY4gYzKzSSMxZJbbCXh17gXDpxC3sCQbQSX0kHcG54t9gvOO2axRs3T4aGX0+WJ7G8608gYjSn8Rhd6L8FqMcxxCr4Bi0z28pF8d/9tqar50TYbvqbzET3f+ypzpLKA73SlIohoeUJZ77ktPro5qw4Rq6KtinBhmBEFQ87iluHec1ITVWDipommBxtzMLEgI8SEjX4gt1GKvsdyXE6PoJPP8vUYNmw/mmXVtMyg5f81exgXcQe/FOpclbA+FuTiTYCK8/6ZshdIpkN9wiZQtzZRX3XWKUU/gccqVijb4SqQAahgO93SQJcKiIkt8I/77hLnAiXX+LMImi/CtWh7cQ3PkZXTT9RdsQ7l8oLUamyaNYQqdFil/rgHbcvrPwPOVssfT9+4W23KtcUTslTBAmeZVEC2Ihe1kjzFoyzfJ8yGWzlP0rk22U42cwrz1cNe9yZJW4TB5yi1VLk5j1crM0stQA232XZwRJeYwzYjqHWDQOdl7j5KCAaCOy2ydD57sBJot1aLsigPa2Sok9QfGDaMUFY/3rIRHVJ+aaiFkpyLm7TFL6BCeFpoUguKZrWypf22EA+5GmCj9TbKaZP6gRTpndWrj9EdEQ3uL7LKM9ni0T9uoiIMubTagm+pY6Ow7ypYHHO0J+com+LQypFrYFmNEtsPyTyY2W6IR+kNwZtZtZKaBwisC1Lf51SKCg6I4y22ri5aRal2skRM/rzIA1XTadNvntHA4zGOfWMO7/wIozbrTT6nwpgZ6cdriL2ex2KVGkUXbJsm+rz/a6+EGh6UMPiGEhZJuK+MQdjd9GDSSUlBLBwhcifFb5QkAAEMYAABQSwMECgAJAAAApHVwSEnJivwfAAAAEwAAAC0AHABkYzAyYzllOGNjMDA5MjQ5ZTQwODg5ZDU0YWZmMzc2Ny5maWxlbmFtZS50eHRVVAkAA3Nx6VZzcelWdXgLAAEEIQAAAAQhAAAAPwjKZO8N9SGoMZ5f2pAkzrX9MA3RezxIgv9zhDEx3VBLBwhJyYr8HwAAABMAAABQSwECHgMUAAkACACkdXBIXInxW+UJAABDGAAAIAAYAAAAAAABAAAApIEAAAAAZGMwMmM5ZThjYzAwOTI0OWU0MDg4OWQ1NGFmZjM3NjdVVAUAA3Nx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACkdXBIScmK/B8AAAATAAAALQAYAAAAAAABAAAApIFPCgAAZGMwMmM5ZThjYzAwOTI0OWU0MDg4OWQ1NGFmZjM3NjcuZmlsZW5hbWUudHh0VVQFAANzcelWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAOUKAAAAAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97173-6564-49b2-a5f6-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:07.000Z",
"modified": "2016-03-16T14:45:07.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_04fcc7be.js' AND file:hashes.SHA1 = '6efb22561e87ff8548eb8985c5c24577237fe1bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97174-2974-4c9c-975f-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:08.000Z",
"modified": "2016-03-16T14:45:08.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_04fcc7be.js' AND file:hashes.SHA256 = 'c136c5c128e95e4a083f759c48e93d9f4d59125d51efed4e169488385de9269f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97175-3ab0-400b-a1ef-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:09.000Z",
"modified": "2016-03-16T14:45:09.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKV1cEhKsd1vkAoAANoZAAAgABwANGZhYjVkZTgwY2E3OTJmOWE0NGFmYmNhZmQ2MTExZTFVVAkAA3Vx6VZ1celWdXgLAAEEIQAAAAQhAAAAxOvn/P5PmHamn8/qCM78Dr2KDkrAU+fbSwV241x6KHIyMxGVUD5VwHtpGBGyqb0eyvuojFmO9ULYYdQes52htxBNHLyAhkBZmezbP/oXJTVYYAIzgbrLnlyxF0sXu4GyCk9iNwRmx1HcJ10DVA7nF7CyJv6RwFRP8eSwfM3F/Wo4lLCsTLodOssJjhVoz8063W8CC5e09XJS8ZmLXmMtArWluXwiCVcNBqhc3/EKJ3AtJtmj/D017tUH9wG6jcFxWoWJ2+ejJRthvFz9jqevNNi1IZ/8Yp6J+xzA74oX1JUtVsS8BvkEw8Vjz0vhCarDM/c+tj3SjCPFkX2w/N+Y1CJAu8G0RlCeiA+RYOuzwPvywolUbNZSsoRe4TA3C8DU0NZ4pZ4EHweTJV1cjUgJ/imCURMaN4WOre0KiT8cmBKHc/A6k+RI2POgB/6hPjl2SlnPKoBR/P/Zr/Q/717AWQW4+BlJOl6SxWm9WvxLeLI0zWGXpVfSpRVOCoLdBgS/oDDyxSOt+grvcm4HgnLWQd3+jBaIpXjUKCefDCqb2x/i5E5cyGa5oKnjvTVaWIvv8np8GxPjFrNMUKX+8j3+UdRyvXBOmab71DWMwC2EjuqLCEdVe4C5zg8kZAcVQydYQMk/0jh7KDPLX7koSBYf7faUkyJqTWRSY7i73zPoVtTI2U/olOgivCWo4uzGS3SOv0HkXZUKONMvtu4HknNr2wXoQmw9SUuWtz/dB00qBpwPQ58UFUzug46lR6OyOT+yl8nu+kmZm81BamDc64q5g0WvOSwqte2l8UxE5z8lzzq8p48Q1j0Z/U70yaslIfu52Fds+7oq4I2IVzJJIBjayCcabhdZzq0CndxSklwDlIY+kpTqJvvJjNbV08GZ0B5d9F/mIFuQdOc8gmCFmD7Jy5QP24s2TcAmj8CusrLEzvsr2GZGEkKrf6nBrMnPYkChY6KzQb2qMjxGLtSy6qvFyi4G/icgoArSVY8P/iedwpWWXgNUI2OKjlswtHqwJ5eD64nKtK3NKdu8SA+meLcNhR9vIxNACDl/EfqICK1mm8yqH1FM/4zIhyweZvCfIsqBnC1k49Kbiwg0Vyv+XgSo2RU6etTi4jgGhFZUFyjViciXVS9LiHwsZJTVBm4grx/fNqF3MMRVD+H5P6yDXUrX92fFUVfmPGNX7XzNRV9pzBSZXZXEox6rbgv3kp3YZEdBymbHWrHzqLyFHX0WL8Gn4Er483j2sgyJVL1CEEsjh/G/DAywetKifQ81Nx0EZW+Vd0FCpReS9wCQCa9XsYI7k5dMBje/XD9t+28yXVXIs4rV6ie2rlytGZ3uGbKjK+AZ4IXWb7lUuXcGETsz3Wcqz/rblSZO4CiYvecm4EcaRcriZgG0MxjOsd0GOUTsrlYVcE5/l/Vmf18njzfjY/r77me40Ws1eFG+TbQ0wz4qqHjFCFhOUlqKiKJWTfQkn7/n8N6yQsvCfZQiN0TAPM4jCJtXHpOP2YpBJ61E2iPKuRe2qI0SIr0GKra6mbwU5SnvBbcIRMaENwir4dbst/k7OIQL5XFXfhvqe7so1KrcXr4sJ6ESD2LPo8Hva9yVHfDVs6UgBvmP0LKKkYnHirMSd3gM389DfylOR4xL9G4rQllTG4D3gcUBNS31dCEY1tzia80DPgJUryWRPgMtbHahdZOzftimVzkbB94aT5Q/pZstwdyRkSCX9Gz1AUhCuTLwc9yQWnCoRudJdEEKiuGI/xPYWY1lT7s0Q/2dGGF/DOCPgna99cT1/5F0aygfBhIpjvLZhNWEWPVp+Er/I9P0acwQEFe+8anm77qZx8wFMD3F4lwLhUaID6vpnwrg1hXtnurUMPHhBDDLuYOxLPVOWt1wf7kGmZGdi3mv9HhC7dNDQAhnycBwvNrLgBZhuDMUivvJXunZn3oYsZNLM0PYGM2ofvb1x6Ud2edgezQURP5lxZoihoHrRbn61rbmL1grXN3sUkaEG9Y3lVnxuv6hDX6dpqTV8/QWBlqESr2nQbQLuysND72+HPyZoznzDmmGWWVrBJxqdRqGXMKSCEglLbZiJomP4NdX48bBz0Fc3kL2mcmX70XaPdaHh569bST8tdYBSIlLBoBWxiIeyQsdE/ff5cQmWIgDQnteryYkoAgA4GaTfWnratEEHOF1Bk2jDXha+rh2MvYl44ttvzvUJKDxKmQqsEKqI1fOTi3ua1XiRMhwV0kzShsd8f/QFpeljj2CE//KfGxffQ/AtCXnleZzehVACw5Gqoc8MJNFc+RQSV0U0H2JUedhArKOHIJE5deL9UGRUIhcr5HCQiitD5MO3btitKogIIvEjO1sLORxriB2ZBJmNi7uBNkeYW60rp6K3PhVTduwimRKrJljKFtE03FTKU8uBLpZlQPtsZZvpxYMmngpveaHXv1detmiypL7IGwAFPqoqj+KmrksgnnDT3RKSlA6xa6zTUtLG/tUv3khnCUp9sdPKpkpkWFygADCuN1VhDyO7Mq30dZydcK9mgwKCOExA0mV2SOMBEtZANK/Bir8K78mc5Gn010VxYNNWDNr4ZKjBPFb8mryWVdntDoeg+o0kMokzAaooitSEmErjw3Meej8nD9n9f4sA+rzbUUtOpH4BoMW0/JMYRObtvkt2hVeQPG33UR3Zj7zEA4PJkHNIPS916FU4YQbjVwa5So3lN5OOizIZfLEsy9d8eDYNY+VOrGqYcsIF9yCrMbH+MtQ2MAiCtQHLfN0UIF8RUE8R2FpbAB8XfwZOZXtfpGniZxlgCVTnOBeEm4jiJ7Qh0N4CN5WUblKbtPEjT6n0J/Wx4La/15nxe3MPTwcsqTdvpEHywyppF+XCv5VJUsHRw9uBB4GX40exr2GYxox+k1D5gTwSENSNdMPxB1GGX7VYtrE5BAfTadwMeV6di0WoDLzy3aSw+7gPv44PXNdHQ1iJxNoowh5bpVlJ7OsfNV40cGdPsFvVdeOVds/3kD2x6xZtuqgE0vUAIIXHgBNwJEXfx94T+uGMa9wsJC+yM0cSFuE9fgUph4k9zkDyy6YoL7LEk9lbFS1seG1kcdN4rULMqRMXNJ1sNkRPZApWfw+Tha9zPBpDAmqj5wrEmoB0fzZRO/IMRt6sAYKDebW30n4TtB9qjebD08boN/Ur8pTQMeRpUO3LpqMGBo1GILVyQvS3/XzkQQbdFyHft4LP0xEmrhjzmX1lId1pRRJbSYeQA8YOr2CRu550J2F42Mol6Lit2TtvWq277bqy2B7NjRWqkF+jufLKpduCA9AXSDGFlg3slEVv3YnbFTUkhWWlML5aMo6uCLEJfSGiog9E5DuSBiBlFMUjEPjw1jOLG6hQukuXOBCZSxX1/jnnBNuR/AkO89Rsts/b6/pfnub/HTNpOg/54BOfDRqINPYQyO8sH+mOwJW+yBj5VIr82rvCzkSUMZwvfQbOaN4AN/oG65pChT1zHHctj2uBbg75+jpQQk7dlDKnmvGPRqWKhej+CkXAoEzkcoP0xnr+KRdZH83Of1XoNIcn9vwbSbfsFXc1C5IvNm3hh9cBjauPQwyQzlgeEBzonLWzUeHmsF8pSFPE+PY4Qrz+PfbHFBLBwhKsd1vkAoAANoZAABQSwMECgAJAAAApXVwSLLtX38dAAAAEQAAAC0AHAA0ZmFiNWRlODBjYTc5MmY5YTQ0YWZiY2FmZDYxMTFlMS5maWxlbmFtZS50eHRVVAkAA3Vx6VZ1celWdXgLAAEEIQAAAAQhAAAAzJnRJXG3SZfsNaYexTYQBQQhOVkQLYIGLk1f3XJQSwcIsu1ffx0AAAARAAAAUEsBAh4DFAAJAAgApXVwSEqx3W+QCgAA2hkAACAAGAAAAAAAAQAAAKSBAAAAADRmYWI1ZGU4MGNhNzkyZjlhNDRhZmJjYW
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97175-c064-4e6a-9d72-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:09.000Z",
"modified": "2016-03-16T14:45:09.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_6d3d4f.js' AND file:hashes.SHA1 = '32962f0bae8e31d90666fc02dfbc9909df261673']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97176-ce74-4d1b-9b4a-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:10.000Z",
"modified": "2016-03-16T14:45:10.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_6d3d4f.js' AND file:hashes.SHA256 = '57c26d8eb40ab3e447a170eb3f84ca3522ffac8854e18045ff99efa47615a82c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97177-4ec8-42cd-87da-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:11.000Z",
"modified": "2016-03-16T14:45:11.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKZ1cEh8cT8fHAoAAEwYAAAgABwAYmFhM2UzMTdhNGUzMzhkMzU3YThlMGRhMjE3YmM3ZDBVVAkAA3dx6VZ3celWdXgLAAEEIQAAAAQhAAAAxOvn/P5PmHamn8ww2N3NVcdEb39OuQp5ucfQuge2GwRk+GLfC/TfqJGnnBcjRZbSwOVypVnKwERv1tDrodjl427w1ImYMTA4KPE8zzDmdVJbFxPy4t5FGFugbYiJRC+A6V7bX0SdCsHnLmq1N8bvjfhhT3XohxDUac1uAcwju6uSEqWo2OCBKtrqdyvo8WQgcXhSHBc+lOOzFqqdElZ6fKokRySJkXj0rg4FCS2dtYP1ihYYaPhH3RWJT6OLNv7O5CNbuEx9nd/lfW/Jb/4RVL6JV/7NbR7Jaab8VX2rTkUlqki1jLflIZ5aYR8q20UcqxZ67x+DPmfr+hkB+3mlupRoE/i2U/+nGfz6IARCAxGNm4GQJl/m785XWg3P5sXXbo6NShGZuQu3aapgqraeJtM4q9nXgssvtWKdcvE9qbi/1K4htI3R1SrxAMs/1w7HRuhkCnECK7Z9ciTHDb5zGKhe4Ubvh4cnH7/+G+6o7P+IALbZMOhQBppzazbWo8RRV58nRsPY+ybiK3SkjaLni8ThOd3nyP9vSjhqPuqW23zOv4q3yfFTuHSDm4MF9sUVXcAtxxRepMaLDLa820FocMm1n4KZwan7jKgp5pS82A6BfeqFI7TmMUQY/Dbdu3t2FlJppCWdsiSGNqGJrvdF3f6b9u4CAg5a7torGOePFQVMZsFg3cOn94HiFw2ZYvfz9y0EAg8/lzA+Wt305WNgjR6EMhHdBN4P4Nk0o47sW9e9xPng1DZ/NI0fcYrk7cvPjph7j/ki9owtYo72WCe25K7S/Qieupc3prFfYNCi9JZhDOSmwbzDCV78BLLglIXTJTZUtFRxYKfzPmWcVQI5K+n6grH2sbFqzQ5morL8ajC9GL1aQx2WEtzVxVE2m2qtUv1MLryU0y056OFgoKB/dYJDl7KCzNnOBsYjdtDN1V8mg3anJFByBayclGsViKL8CpcZMBxhjk5l4CFIQUDcUpho0gKjW2I06gntVqUKIqQMm8AQmi4/2jtqRjxRm4DoJNPsXfo9jKvK+RjPKojON0gTbgmYfUJqUGydtWeMfGFjHyFF8L3ghxPR1ZneveERfRg5c9cN8IZh5BbX7Q1284CU6yd+fsq/EuyWPdtsWiWiFMvjINytNZF7XfBHvRRU1qHCbG3PZCOFQWG1VPGIWVW28rcu6YIkmnV4l5+cltwGV9oPaMh0ppAYItAHTE5BzGMs36XfnadU+8og7Kbe8ZyVLZf2vWiFATB/8f3UjVhTUy0Qg+5q4KT4v7knKBBoKgTCDLYp9qz916t4XO79CaSg+SuMyEiXT36XWswAv/0ulOr/1fQ/34zbML8wV6sokNlLxqOKD7JA72R/OhrJttUbj8+XurF69v9cudO83rtSAIi9MD/xjm5Q4WjjHKokYME/NlfsH9K3CfjcxwltidEI9X7aVHwpMi+RoDfoh26yYklBf5VLX9Dfv/VYmKMKSj1mayABJ7HJRmwo06RJCgEBBvmA4EswM1elmoPIk8G2GuK6gBa0dQtNK1QzzGRsxlTsA4Tk6hc0sd+boj7ofDMoBmhpyHgmp72sWgfS08otM8hbVBousaIIS7jvoITepKhPyS8bkZLH1nT4mBrEhORYbh7DyPUI7Dw0t8Ggsjbkfz2ACY2Ks/Zb3NFVPx8xBUL3baG+YCZznijrQk42YLW5JRqBn9Uu7H0Dp8w2wl5wEAVV4qGtSPdRm8XS7+nlESJx5CFztPfy3WLt+1jCyNOSG6fMhzqbBFzOibUztqo4c6UlFJuTO5Ez7WRRAEaWq9e2F+xixO4noooboDKCfkpfYqppGcXa9jvydqE10JhA+/1zkLfVjG6UpovB9qroOT8uyS+wqL1B4zm8NWUR33FmfK3zEGDd5U7JjS6TGE5GkJ4EBBURT3V1Sn3Ppxh1VkQWSppEOGRt+slRxTsx5rYqO1shcCLimcrud5kCM3ID+5xd0vUgRK0WNrAA/AtDXMnj1/XkvIGAqC9NXHz04vAbUR0hUuD0UpXMBacgWGFpSSDsNQduS9pEYvl8KWbsf+mDWTJdeA/b379C821ibWNL6iZLmFW/Ytq4dc5vFYDXabRUJWsZI0x+2U9PUkutPWzJ0JgSLvXy1JnNYaNKsZsMCko12jJQslvCcm1HyI61f6JE1UeOmkU4HcBxQ8Z9Vs0ivwH3P1htZjnHe+Ss+E4IlW0/2MPNX05xLlQ8mHnw50SLSosSYXxeXehKz6riQKXHYvgB06V2whMc6wzAmIhrhlTaWKNTAIKSoo4FBSEh+j8ZiWENewds0axPg6wnio30qVbuZApJrvVpVtUI5Ue5JeakAByUlopsVXyx7tkCAZs2pTHCtj6vMd7SUHdI7eD1fdC7tOf0M8uRQVTopeZK8da1CirkZWQp1rh4QPPRAKtPOV2biVYZgP3b2aT8iMoxys5ksmUR/aFhyr8YQwThPw3qXrkZE0phw8h0JkmViEFV0o1u7FX943u5y+qovjT6V3SG1lYculrss6keuI5hZIIHlYvy/vFnCshEhRmtC/MCeGGio64r1WGiG9lmWr3eXsrmzFsJVJFH2NKXiclIjHKw3YlGbN3pJfHNXnj2Dma2NWpK5Bkqel/ev1QHyN1OoZ/VU8H9ETqcze+0q+DfWYr38jE0Q9+N7MwuQXS95a6S6VVb/i9J2TLYHXykrJQAvDNlVrzvDG22IKDkZPrnZHSH5czPryxw31IU8gSOp1GZ+4djFWxLG2t5Y9VxYJmCbRl/VZeUqxZTXF7i/Yugp9jWPAx2SWD+ZDDUUwaqSwJn1tBCUlJCOMmjq7j98GulFD/TaM6f+RpETdHTn29AvddYPhoEfrikSmrdHhiQy1JwLXQ/0GZrZmmWADbqRwJOgVVOGnLjN08wDtG6Ve0FgAx6occkTshwV5AeCaqxjdmGLZISu9TmB/nwipIc1OS9rA58piskOB6yNUYHZjcedLcQwwHV2lwcQDeNDb5qlDDzt/zEO1vtjBZZk/4jviXYapsxud3gmUQ8GzU3y3woaL5mG4wwJb6JNwW0gkmOl3XIwlky9XXnv2ZVQH1Y2sVWvMjPGqgOpmPyvS7Her/Tm4l/f5nz4ib/CD5ZUsxigyKuN6Djq8vPt4bUbJau7xfYIKuua03DGOIjlDj3Zt1jK3BUykVweOLjEvpNHWsd+0TlBnlTwb0HV7LROG3enCQqdlOmwmR8rUsTL3gg7xrnZa+H375CLmg3NHKOBIgx9+khVnd7OKE41/s1uKkniZcq1RXx5xJnNSzPkxcNwZFNe6wBKralkpLuxTu+vHbgLzmxfUV9ON+YoaQX04VTAiegU4PRDrpp52SYui1aQOYKO9Jcs2PEnde7W3Biva00oa8h1sNVtblcQurdsheY4JA2l9btT4IGF1f2BESNz+zLi5cCePUHgt+TuEKsJ9gvxaF/j255IyZarFBQSwcIfHE/HxwKAABMGAAAUEsDBAoACQAAAKZ1cEhGlAl3HwAAABMAAAAtABwAYmFhM2UzMTdhNGUzMzhkMzU3YThlMGRhMjE3YmM3ZDAuZmlsZW5hbWUudHh0VVQJAAN3celWd3HpVnV4CwABBCEAAAAEIQAAAMyZ0SVxt0mX7DWlAdkeIqVPIj31c24/k9uAjQf1Oj9QSwcIRpQJdx8AAAATAAAAUEsBAh4DFAAJAAgApnVwSHxxPx8cCgAATBgAACAAGAAAAAAAAQAAAKSBAAAAAGJhYTNlMzE3YTRlMzM4ZDM1N2E4ZTBkYTIxN2JjN2QwVVQFAAN3celWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAApnVwSEaUCXcfAAAAEwAAAC0AGAAAAAAAAQAAAKSBhgoAAGJhYTNlMzE3YTRlMzM4ZDM1N2E4ZTBkYTIxN2JjN2QwLmZpbG
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97178-9f80-4161-a952-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:12.000Z",
"modified": "2016-03-16T14:45:12.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7b71e9ea.js' AND file:hashes.SHA1 = '77f315244efcfdb56fcd467c51820a49712944a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97178-2cb4-4c1d-b775-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:12.000Z",
"modified": "2016-03-16T14:45:12.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7b71e9ea.js' AND file:hashes.SHA256 = '4750d2e22237806dc486b2b62cad75bbdba472002e8affe2bf12e46631a674dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97179-fd74-40fd-8ceb-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:13.000Z",
"modified": "2016-03-16T14:45:13.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKd1cEhsZVhh5QkAANMXAAAgABwAYzNkNDMxNDgzMTA0OGU2MmQ2ODk3YWIxNGI0OWU1MzVVVAkAA3lx6VZ5celWdXgLAAEEIQAAAAQhAAAA+Wp6IG6jbEynytm+Lqw51y3LhWfuzLUwXgRMXR+30NYEB5nsJn0B35UGkFmNqGsYCUgIXY2XWDeZeOzYe7tGkoUoyi98sJzeQr4YBelYX2W294cjw4JPWLcVayRSAP8AO+2fX+iNfFCl6IjYwTnMtSHyioUB5JOvnUhpVkzeha6r9snDEOAYfQgxYH2NcRaPkiLozNFrxIELYh43/BnaJpaItlR3232KMewHp4zrmUulJc+dmd4NWQsPdmSlvBAt1iXx7tvRDfPMniTD2zHlRWpAt2BAf+v136TdkrcQQuGLCrXqlP7TRpzXijUbQAQ0e5lCJa88uCBvFoA5M7575L29OnSN5qxGg659SiiNDH7jCR9cCNUmHbVrjQYsv2In20gyeonRug/uG1Cpg5rWiTC8KqOYubP6cU81BGNBJkTuGyMZNv9MI5pRC+ldT/6BOYEMcRDiXhtglTMqb0/OfG/3SDjSmM5jQ8Ar1qSKk2mv69QznRvBHkcWZ8DrfFnt/lxuUgRtCbHZlbmnau14W0Gb6QnV9g0YtoAtLtEVxywHN/RvL+uI8ZMVKxE65tXTbkeKmx/BHvz3mKJu+O6HlJV6BePDD0JVaeBKpmn0VYGO1rEV09MwgvwXCXVmtTCuGHpkur9UpP9EPdHk+46hdoF41ri/PLtfVPJm3hkIvQUtqptXvicwPgCGtYiJ4qmkVhqB4Hw6UPe9OXv9hB738K4Cbp+3HhIXPSczO2RxbSSwUdbnmV+z9Z3IN89XhH17lx2xwEuWlIX8of9SNFDkvY0B7AcEKjaxkV23QMqO5aKiXCxtq87SGX6o6HIFBadDp4l0vbMBuTJ/lc0mCzS9ou6ikIE19H9gxxAKEMbsAcYg1s/bwWbeHscExbrUnYr25YGb2MLNztgEQdCY5K+sKxAgH2lFszERdAK6Y5b2UfLq3CS6gqYpWiXmKzNqq3hfelGuVb6voU5mjb6WBBV8Cg5yz6q6OTZ7+2GhMhBm9ff34EuB8PafCitRilAlDk9kqoU1NeKzzhgS8/Cik3/sB2dVG/1jQsy0FK1OBjNZgHn6L2GI8GpM/OcIlRIi6Nr6kb5koyWVCswzn7fS26ozrX2aF+2gRlDQRGNjVPZDSUw2OBLYaELiaWgJCAy+0EquRW/gB2eRzUTaZtSQNI++zVdCT3GdxBBqE0fX1bdGUk3zo5w1E3ISs9UFtNzjxuNIApDquw3YcmjIZCZAcgxYGLpXHr6i3RgGjDqLkTIr0vfjJHKJWhQgVrMVTN6lVO/pxaFS/Pt0sAUTJETn8JxYJEupwLLLp9z58MfEfi8ZPf+1DA0PiyoLYECOpdOKwHFiPvMxwqvpirwNpfhhs9TfzyAZQLkmSE3h99RLSYAOoCmydLAO/oVEWpe2BJXVFsi62M9DrTSXPHp1Rz8r/bC9H740NjEFY0Chgjg85d4bTuaZ+jotVP0Rp3nLNvbyrCNRIi+l15Vw7C6vwdBdao+DgiY1fD9O3954vxAQDwo/qqw+7VJ8pAOq24+ovbi61AdwD7HDVSa7vXAIYxghwytGXJpE45xNDvF0s5+IMgw3PdFhFB9PRa6eAVQM6j/4BcEzIIVNNExE/EA45hR9M/TzkN5B/I/ifZxlFVhdHUWbe+6/7ox0vInw/+4zO50FNRLp5Som/BCDcM9R+h7nte2XvwuteYeqEJAmFItGkCi/4GS32QNR9Bnnrxjs9l7IusdEaF5KgRe4FhLOsLOlDW+h/8lhqSNytioljN20SqyUvVVpKNb/CxarSl5qUZchgY3LqhWTyIISI+pEJgwP7LUa02TtAIjCJZ0huv94ZZWfb9IjdxJJtFI71pAGfsaq3ty0wHFzZImh88kw5rVfrfRkD5Q/qXMMsGCQq8zeMSlqgsM8NKsUHUbfIEKKT5PFYJ1li0UOYmNRZBme1gW0MaflpxcEyF1i2gd96WLjoZdutlx3LTapSddTnvyTmfa1DCSDnkQt531D2od1cwxSNa0j5o0QI/fbCo7nD9GzirV53TavbhqKeLo+eTTUhFORxJRiWJ9dWaKNHJMFYQCkhHZWwUSevTpdrcgwDNwl/VjqXhtgPMA6KY9f2OKpt/S9xOC2qm6mibnamFobEbE5qqJkUdhW9dADzTfthTSm/Qz7sLozINWEz+c8j81OLzMXcsZF73BRdEFJQhUA+7oCcNgBLTBOPJ1KxtvlT0+6w5a+bicJpZbYdGCrlA3J+aNprziB0IQ9mCxAFRdSXGGFBDW+g6HUjzATxQBgISSxoLVdszQNSp3NQljKPYgBFSYs7oTCJ0E5bUTLaWI1NfqRO5eRn+8uNMnbyUQSts9Gr696wakxuEyvcu8/K/3U5x+6H5sPDFEJ4TIZMKeLHxUcEdJ0IRqxwU3Gng+RuWxn7/qj/iPCfHQj3SFGpst4jtsAUz29rOXJWCWmtVd0R5/uTc7HCYjiebrgET4oSMY3nYWzcjHKQsNk9ErsWUtWggArii2aFObe9vlcbK2f0B2+4ZnZGQhWaMAx1RnBf6AVJZb5T+WWBgdaUIPf9swClHV4cRodbET6DDENb1m2g96y3MId1RPIA43SzH7Uh08cGNK/nN4NHb5avkEanBq681ZDQ+tkM0GKKLc7BAZBKH2NAnl1hvQ/+FZtrQVb7Ies4QPKTKR1eQ3oVN1lWKFr5xVeT8KInNcJ3NzqQrDelmCrovIMJbGnmrXz1Fu/GOMzYjWHS63kW07IMGo7swy6Jfpi/mJWtCz+lvvoJnukK1Uncv5hAe+Md1BrAFa0W4Kz/T4vYWS5El/eBlTWVdaEioCyildDXbDpa35akOYI/KeuYDt66Ch6suGwFUSP5P7GR3alNmCj6tQIq6n+5Y+zl55VWZ6l1D+uOFluApMSZek+iVb+ZjI38xgpcpqZdm+X9AAUxe/ke3Yt8qeumqZQzv5Xet0ioLqYuM28XW30v+r1P8JKkdWT3arx5UYQxtX5fj97myKuiJMJ31Eqt9elz4ld/C56IOKywNGCPLX5QV2cyKMlw6vSJMehAZqvGwzVSmjasN/ihoPb4qR9lAGjBm6ZNgzOdNIVZl0xm+oFgAclWvwppmBKO/mofxLQa8P51tXVN8aMiqLrcu+evFaI0etgl/QsdVw6o5k6W3zUkIGtVFRgN3yZrKJ79+h653uFvF6PfiD7xFILea2KSQC5+v0Tp+evjqjFB5SL7rst1HbiQnkO2d1x2IuafQMJNeEZlhp0S2ByWDYeOqWZte8NeegHGPzfx9FIJe4AER1XkoJv8LFKscGxN3WaRggt9lLS9JD1rvSRMh0u/eKzUpgJedWeggIJAhhpTC2bSRDIzm6IoXMWc6t+lwY3DKmqWFZggQpxaulvszw69VBLBwhsZVhh5QkAANMXAABQSwMECgAJAAAAp3VwSLssFqEcAAAAEAAAAC0AHABjM2Q0MzE0ODMxMDQ4ZTYyZDY4OTdhYjE0YjQ5ZTUzNS5maWxlbmFtZS50eHRVVAkAA3lx6VZ5celWdXgLAAEEIQAAAAQhAAAAbYWLwAvySEWw79kXF/+5HGLd6aMVwBFxwYQqrVBLBwi7LBahHAAAABAAAABQSwECHgMUAAkACACndXBIbGVYYeUJAADTFwAAIAAYAAAAAAABAAAApIEAAAAAYzNkNDMxNDgzMTA0OGU2MmQ2ODk3YWIxNGI0OWU1MzVVVAUAA3lx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACndXBIuywWoRwAAAAQAAAALQAYAAAAAAABAAAApIFPCgAAYzNkNDMxNDgzMTA0OGU2MmQ2ODk3YWIxNGI0OWU1MzUuZmlsZW5hbWUudHh0VVQFAAN5celWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAOIKAAAAAA=='
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717a-0eb8-46a8-bdaa-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:14.000Z",
"modified": "2016-03-16T14:45:14.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7ef0b.js' AND file:hashes.SHA1 = '115cbaae522fe16c8ec33f5ef69b51ab1dfba456']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717a-2a34-494c-a149-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:14.000Z",
"modified": "2016-03-16T14:45:14.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7ef0b.js' AND file:hashes.SHA256 = '3e6131108e2e25b068be1331cb5c2c938d58c11d9fe71a7022867c45f0a37a8b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717b-edc4-4011-a0d7-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:15.000Z",
"modified": "2016-03-16T14:45:15.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKh1cEiOZFUh6AkAAOMXAAAgABwAZmFhZjJjMTA2ODc3YTg3MWU5MzAwNTU3MWY2MzEzMzVVVAkAA3tx6VZ7celWdXgLAAEEIQAAAAQhAAAA+Wp6IG6jbEynytYtF9rQIod/F4AH5yit7w/XfXIo8qZGMgQkoRDmlqPlnMRXZ+iyJHuLaGEBR3bSjxXVN9wMqAiNgQhC1QCslu63iEz078/YbLOW012fYk4jt0xCdILa4atRSMV6/OllXJHkMbuopp+5YLApR5v1heT6CI7lR8s8R/EctJqOLDNxm8H99xKMSSp7ZGJXhwrNiC+ZwqBmQi0AcsCco6eyqlPnZ8BhqTYLrSWAigjBWhYI9bOUwqlJKd5h5gzM3cSWY24QjKRVSjxu44da7W1RztjIjkL3HhRpD06A6fVUDhIyT0OO4N/XH3RhD9bhj1DM/qMk/wj6P1oWlP+xC5IDxo3m9YSetPAkP3RIWqmcCsAcabHYyP1HO5cbC3X3M4VEEYm8gdJ+UPJklTMxxfb/qRQnNlZ2VKY0ciONDWdRfezBCFqBFkkdKPWJTxV7njChSJQAoifiPUPivsY8kAof8elliZbG9IWxsaM7xwYiY/NIYigsLv1gEovJYJ+tWhiSpmc0ksBwQaigEX3u6jhYmK6eYVorjHkd8ioEuYtGKVyQo00dIcoe6AH1tLuNvCFlEII9U3qjiyzH5tfK0vQyTz2cB9/IXrLjK5bD6k+0Bw4/7AZwKnApzkvM9I0UIAamw5mW075k2BTYtyQO9GUQUUt4rP/AqM8dufsNZtdN9zFEX42rRBdsSjGnjE7LFGDSgR39ddaSPJzVHuAS0yI4rumEXsqrsfGZJUcurxjgoau2+CrEErKpeFmSenQAs1R83zMztZsWGwxNQ+g2olVwX1rqit7LD7DXlSbX7ya+5eG90Hvq4DgskOkaJ29JifcAcEmbuDhd1OoU8Eg3wbfmGM7kuTJTFXVdR1c+Npsw5KYbj1WG0MY0c08YB6Zs49VEY6eyB4PUlMXBWr+IGxzwtd5q4i0HM9DYXXGZBlRoCpu5jl5B7LNchQD7Tj11TZqOB7vGQRibYjGVR9W4wmMZyVpio/17Mxp9+Jd/R7suH2GbOqkvTmgexCBxQOi+jVO7m7dkXHFbzEc1B1+tDdy27zhg8Sj9QV+hu2NxqO/QQI0z2YwiKgSMqM3IVc7lOehVsTbRi1/r2eeLx1p2QDLnnoB62FZRaswnozEDNeb/uM2FVo9DDxQZoJkA8FjNmcnHRQUjVZmcBY82N3ye7sfwWEMOuEDVypmecz02NZEjqJ3BB1uO9Irlxvmkntay6lfZSEMkRHM7FquKjKQyJJ3984KUJ/0cM79UyWkiv7KIvylHaJS4z7BviYoYCoN2bZcHwVUS/kw9MGNT0GSfHV9JXjWUyUS0QFqkD9RhNM9ZjiAAKRQNzG6P8iSGpW/Vm5DUYC07BiKC1JztCzpYtoFzHoiF6DKrJno42vABPT5wu/NsBNi6tg3QmkB3BIivo410qSW176WMryazeZIY716KdNDd7c882iO7gZ0OMjQCQAe+bgIdeZQG13Qb2iEbmKI6j0c6rb2vumm+NTfqO4t807YKSECbX0n0mfTEr2ou89h4KCeEPSPJwiX38BAVWGaJLVM+nTC0QvdPyCYCXY0Dx8/O7QUIWjQcXgRjf/7UxhvgcHiQX4PUb+3VCcBOQiEkrM/URQe4y0NygEyQovvmYfx5VZiVqQDm5ma8DJnDCTXWQ5z3lgmpCIstZFTEcCYzWRh4lUvrGoo3gE2B7GItsJN6HMa5zpxYl8XYxBr2FyNCdonkT/XhxvPAAzQDVNuEKfEuCHhv3dHzIwKek/CPGQo7eRvUDQJYHRMRbHzB7yBDHMYxZJZIb/Xv510pm3gOj/uZSi8ekI554i6VE0aejT+D3IyK2qkFKqEIPVIrcvKYPmFecWK0k2uV1IvSguDj8Ra4IwcE/oEVfGHuIKBScAYyuXTKIhPBTA3ej3T1ErACbDNNuuhCaS7RGM7+4ZILmwrHWabtWCe081jvgaqyUHV06fYe7to761rX16m9V5rHlD2W9nR7Q9HXRzdvESFZf8NGBjHevz9r6P8I0JgTDaiiWFVEtIoVymUCT48K+hl3RnQvLkyW1XmiIVd8jcSxG8oQ2efbytAe2TQIMWz/s4n74sReDSCENKbs2mIzrs4owVEKifiZHQZlzNqvv6sLJwTSVcfeffW0UPSw2Zz9kKxh4TN9Ypc7hA1Kout7c9QMqZkHk2mkJHOguyOB3nVY2vkN1Ka+Yan8fNjL/EUmZT2lsaA+IrtvFSY4BCI1bni6LoMEncaIgFFH11iiQDUYm8bs1O4vFSBRW7Diqy6R7fEcFBhiyRZTdzhTr3lrV58GxVYEs17Rwbz/+XbWUxIKl0lRqk64e8uCZpWF3VRsJu24brRPrdT2myBJd93ZcuAJBDxjOWVH+/+uWWgt01znaFCB0pTazPd1QTRo89CdOmGWjNmikca1/7uPmLRWUHxFKzgszFP4OweFlzdVm9NYJWJWFcRq2ZY6vaioPnbLbM/WEPL4IDU+dDhRD65ZCG1D8S+UOIQgpGNCQIVjsXjMK2pBTh33iiTbC6ic7LK2XCKtIWKwWu4F2g79W3o4TDHfyz/8rmCeEK8kqNwXcd7HDdu+GZ60YsFhS4BbHJwQGSrMMZqaT6PyDodRF40Xc8GNSGdYtdrFZA17NeQLWyCr7kQJd0rhFiuj1IPNhf6dgGDSH3CmaIc1qdKZNfasO0vlPlyhZx7xtTCgaY5wLwXCtwD0TKXuHE622r/xPeLdlTYSZ6bpiq6DYaCrPYnhlJGWgWqFCrxkEw79w5zoOQ6W1Fr+TdToqXhrUclQjwJCz7o1e4thrjH6TRRBoaO06F2qOP/To5k6crdd2Wx06oVXmb9x+eojWK/auQ/3h3xYjxgol+BEflr2cYKvRlEWku84EGnmWnzCE3WE51Cy41U+RYZkJKdz84CoamHWSDQqXch9W7uLz99zPFBmSGVVY+XTDGBakhhIhuFXTNxiSnd8EUoMlhnw8NnTY0RSI7HtsqtmqvsvbY+5+QfrslexAApngRebIynoy4zoBdt/5jMjfBolMycx/pQCMOYjlhl2fXg6GGt6E/uUw9Ujc6qLn34ARDQQYDxouT8Xsancfoqey50I5h3zlBC92Ab12qGL4c5SVDjqtrbC3OTch0rcCQtgx2UhT/0TxNt+2T7gbTEO6ufcR96j9aijpUw3O2YofsL0YFNLQlErKAYUQ+klue97tj+slple62Mscfk/RLTHcidF9wPwjvpGXS+yiiBC8+Qx5ZKRohrTzR8A12PysAu38MVoEAv7af9w3tV7vmU1YYqXnoz1/FP6+l0sDIbi+eu/6p3y3ZaVYltZsvNmtjiF/4Xct+ZLDY4TFKrvIYSXia0ch/bSoENHSG4VLn9aMdYUvSHiKNVxCQxhibDO0lBLBwiOZFUh6AkAAOMXAABQSwMECgAJAAAAqHVwSGqlPc8fAAAAEwAAAC0AHABmYWFmMmMxMDY4NzdhODcxZTkzMDA1NTcxZjYzMTMzNS5maWxlbmFtZS50eHRVVAkAA3tx6VZ7celWdXgLAAEEIQAAAAQhAAAAbYWLwAvySEWw79ad1Bl+Ki1on9dLqdLSTH5440pEyVBLBwhqpT3PHwAAABMAAABQSwECHgMUAAkACACodXBIjmRVIegJAADjFwAAIAAYAAAAAAABAAAApIEAAAAAZmFhZjJjMTA2ODc3YTg3MWU5MzAwNTU3MWY2MzEzMzVVVAUAA3tx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACodXBIaqU9zx8AAAATAAAALQAYAAAAAAABAAAApIFSCgAAZmFhZjJjMTA2ODc3YTg3MWU5MzAwNTU3MWY2MzEzMzUuZmlsZW5hbWUudHh0VVQFAAN7celWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAOgKAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717c-99e0-4f9f-806f-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:16.000Z",
"modified": "2016-03-16T14:45:16.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7f8ac6f7.js' AND file:hashes.SHA1 = '27d588a91f5851a30bf724cef960dd952ca821c4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717c-35a0-4edc-ba7e-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:16.000Z",
"modified": "2016-03-16T14:45:16.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7f8ac6f7.js' AND file:hashes.SHA256 = 'fc86538969071aa5653fef7759d408d0595f49a32edbfd080311466ff38c005f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717d-0fe4-493f-a9ab-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:17.000Z",
"modified": "2016-03-16T14:45:17.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKl1cEh/cBBARg0AACwhAAAgABwANGY5Mjg2YTQxMTQ2MDE4YjI3YWIyOTM2NzU3OGZmNTNVVAkAA31x6VZ9celWdXgLAAEEIQAAAAQhAAAA+Wp6IG6jbEynytcgkjFvWeC7713etIPIUT6J1aOvvMvBOOpo++gP1EPWXqrVjUt4sbOQMx0uzAHI7bkkLnLE1vX4cy5gygrJa96TVDaE+uVqDYM4gDqMhq2xvBWQQp6xwcI8SHdzeFr0OwaHQ10kP0wFZLSzqKoeWZLmMTHqhNrojRxxGLPlNtQZu94NbwYo5TXbWzv7ZNpGVChLCWTpt557l6L3FOz5pmbBGi+sNP7UxA+dCGgn0tiBNRxwG9QAiwRlypL/l5lz0qbNM1WDhO3VOvpY7YIBlp9kZEm9u2Wn5jx+rWdSW8Vv7kCtU6pWD1lVBxqMEf3a/m/BYF0xBRw9++Jqra9M0gRHbFEhQXdSfIs4IlYm7/OW0Moeab0K6iX3P+yykBFBTBm/ceBOrAZwTZ+k0gjHKF+5GDVxYIElt7almoDlsrr9ibJt2Vo6zCL/yuIRzUyLFNUwvxFoxU1zg9JM8G7qESKffShOMcgyIKMcUR2seLDJLEtr1tMwWse11OoAngi0XiPDMWiYIPN+3gG2NyhO0IboPwAZZOOVQUlxOgjW37Let+qS+sRLCAoajOvRIiz435tE2Lgp8SxoKSTiiC4g34EXpUcdkqjJlXjOptclJeWeyhODAeRUhalLkICSUgJNAB8JyVOGYMvblTD1YwQpDHwaSuclyJekQuq4Hf1G2puPFdgvXymhwtU03VqhQMZU0ybfJ9ue5gwZWxzQ4gVr1q9Xp62TNDBDUdaoMGUgUWW8x8f3ZtXEXfgBMopJNoV8ZP3KO41T0QffgiSUPcRksIFPd9qUJ+eFX+mkgfLY/KXacemQfJSIqFjd1Neaq1AgJM9o22HH8Z+2FSC5yIWwrPzkls9/J5ea101tGxt93E7N7ZLYubiPfBYy0d1eHulMzsXNcEJcAoSCv54rTrsyMXHczmXqftQw/QgzTw5DPw++QH9MIf5ns/H6TtE24g4UT5kBec6pOdLTiZui0BcwcvLvrcBjkWBu+yqJJiZlHbPe+E4lYeIFDO7y6yQFcnDCz7gDGcTe+x3B8eE30FwBn3xOymjQMhodbI2Ns2bO1KmfuHWFG8YIklkgxG/0yzyeoWEsESOVbrxQRQgyQv0ZPZ/Ndu0DW9VIaLzBafXllOns5TI7ujZNEMGDeY6dXdMn5Y31xlj3Hyj8YbT/GHAvEigKej/12WsOz3zwbewtYQifzMGBr1tyCFawJuiv/SiV3DXEKxYkpmA3QHmT5myyv8h2gwNxMOzx+73IsdmlkjTMsKxj4AilE0y+4OFw950g+R91xY1zol3DVSImxyCnN673kMvzc0dRFmEKEDBW78e+Hy//DaK9MyPL7Lfad1/Z4Z8fqRf4O3Vpw8qV45Pqz3+JJCNVuIdO0QbCtfGDr+OS772RwrH0WmeF9CMl6Lot/eZbHMwu43oNDdIbYBR4nxx9YYkGOjG7hvOC1tA1BNuUubZu8RxYPO6CnFUv+s4K5mBczhlZd8ig6U79V6GLFrRgKrvN5twZDP6EK7H9tl++4wg0QPdCDZE4aPlrOAvAIDYf3uOQig2xybdYAJf8PcbS8tUVo7JooSrAdU8vnKYKJpu5EkLsqCy24b7SzaOBcB8de8Ko73Lbaq2du1C/nqVTVApkv6mxVcWCqOl+yFPn2x3KoJ39UhIhogGrLHHoh+CSEaKDHZBEfXCoo8OK2UKSQ32Yc4FZhDfWina/edlubx87tEyVegpzKRqmv8MNrJTGN6LBGd1lmmFfejyTl5QsBYEKTAsKsJ34BRa6x3FZtlphiClNviImIcTQsA6sLbtoZTlBOSBzIgrmbrFHneK2D9TDcNolIhdTMP3K1DwV+XU/kt56ndkztFRcnU5X76SCmDSvCY42BemwYRw8NY4/xcgQl60JrT31lVRmZeZx3GV4FbNMBq4BEBy6EB37kSLyncuey/6njeKt4u5RfxwncrH9Q3HuWuq2uq5DyEYyaGIReAcbG/uFuRYikM8bqB9ZMNy9qp1X2z++2tyaZ1sau06UYiE/S+1ljFyDfNgdfWmSIPE5bh0C0UFWERJo0Ccious/BoChUgIYOjITxOSqsx3bkCfemDe8h6MZG3aR2v0q1FLLZ+FA3iFB2nCE9Ya55kZ3wSy3oCXEUByFi+YkeDpvBsyvhodEyoZHraYQzkawmTA7nDWoOgAUVL7K0iDqIxWv2FgTHNsQEAUWmw1Qn+870DoOpkqdi9WNXfd9Ma8HYfMmhKE5zmALfrax/AwKRGtGocb5B1fRIwEtfpV+a9DY41omcaMb6FrThRakR/CzsGC5g2FqgtZ4cPFL0u/xEkcd73ynW/L//1Z/zSonqarT70rMt5IN9bVFqvA+vaHux6M+HBRpBNE4fTAxsI1a+eKP7Y95BbmwStU8ABTSQhTWOSUZwoCBCyKsoFFwZsH6CJ34pFsF5e3ekHi1o0dr4aMxVw/ZckRu2QoBbLEPnGNRns8M3d7YfX5OdtW9PK6l29ft+xt9OPElDLx9vuLPeMcr1Q2bDnwdusxRKHfXQppPTnnuKAsynOS5g5OyaqaZcJB4v9hPS/nFZZter+3AXdTyVsJSe6MGi7/DhjnjjWtE4QhD+nI1x8elrPt0X+NppiFw6pcHJDxn17lXzf6bAQufZasei/nt+hZ0K38kEXsDwhOt6eqpZwK/ZJJyLFCHkOALlnAPYm/hF5aJqiH/frPyPDmwM0d8+WKs6BByplaXI18UchsXLVlR06h8wvBAunQxMzzHTWFudgDxnXZQSCW2jiAptxSe/T68zqhvZOVpnhZfoxjLmViSLUYXURW78j5aEbuTiAdV5EGdKcJxosGjUNNyE12ax9BvmOJQYUbQvrvTtJ9e/+4xJjw4CIJRarf+3i+DrqUWpYLlsTBYbs+kMdmmofg7vHGTslMQITwyAunnHwarM6JefAEK54MDY08mOqMEaCLcrego5CmZuSnn5n0ZbJsM8quh2CApl3xz7faLI/v8bPK2wcokg1/+0IMHtsSnRfPwhWxiiHyw8Z7HmDGnltfu3xmZ1hJ5DLtP6geOhJByZXEJ2X+27utA6PaWvMdUbB2H3SOoEGkrO2M/Lr0l3g2nFnMoh47tL4KfFCpfNoynZZ44Kfagejlf/jeqa9bCGKmvGkkeiMtvEh9F7BG49dha/iO3HHgYsZxIGFWNCES4V5Z7gNv05QpsIMD3Es/RlRGrOUtX8/kw3BiD4kge4py2cqbqRTSR+auORefLhMkon917AugivRGZgK2eVtYhQhy4LfsaUFK1FVvh4y2Oc5zJWwSAT7p0tNg43dlFZCmhVpSSG1kaQTYK/gFmwGhtLztfi+W4kWx+lFUGmrZdEJhRqp1HbjztgBDNsdHRmu0reagaDyVbOmKTj0FaKvIiof0pYwhUfDgUm3XZcbmMYSO7CE2x4uS7Ilxh5w5XjeWR/K1gUf9S60mqg0QnOjcMfZU+5EXXATigK5l4bCl3LT05YZ5fsBDX9/f2Gp+yjsUozM9b2MNnJDbuFWEQGthYZF+mk7LoyJU86FQRrtSp4GpuM+JoocvCLzQ50WRBv559Yaaz9PnNq4KdoHVx0BlY4y58ctbEDgo176pxmxpajrPkiakGEMJluh5WFg7XAvr0K1Rdf5cF7Y9F66VXIdVjBkCvNTFrp9v0fV4+EAsl7vJa74COeckW6lfAlWQERnjnuETmmNQ6dVnkL7W4M/KwRl2QnFTblrPNDetMYR56uj6II/wpd8zSdUWuNFy8/eVZp5by9GhXLBOGx7tWYYxO84rhCFjqb4ta/KDWSyBclBcPZLhen51fT6k65c3yp+D/TTCkXGjmxSZMTu+DMrRJEJt5kAhRXy6u4eWL8BHN6I25wFLC9uc6L6f95eT9DzYrVJVb0/e1bXgsVTbwQkv/N/jeidk3NN
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717d-f1bc-4090-b651-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:17.000Z",
"modified": "2016-03-16T14:45:17.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7f98d425.js' AND file:hashes.SHA1 = '9d05eb108b7acd7f209b56e467a65647e8ae4117']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717e-ff28-490d-8c53-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:18.000Z",
"modified": "2016-03-16T14:45:18.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_7f98d425.js' AND file:hashes.SHA256 = 'c976e6b67aad961399faa2147d54a299574d21c030b3f565d3b06ea3f69dd490']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9717f-03e0-4920-a0d9-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:19.000Z",
"modified": "2016-03-16T14:45:19.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKp1cEhLS6AlpgkAADAXAAAgABwAZTgxMzg3MDRkZWI4MTZjZTczOTM5ODBjODBiOWQwZTlVVAkAA39x6VZ/celWdXgLAAEEIQAAAAQhAAAA+Wp6IG6jbEynytSA54baddJ+QMHqQBpuaX4WcGHSdPCiAfdG5c5aRPdvPzVUolEe9R/ILi2CcjNHeV7ncNMau7j2z0mWvRW65TeJ/+BI5/sQ+yZeLIs25Py0Du1mtkEN2WBAWFwJ7FWXeyY4I7ExYztQCU+HVgqSXI0nxpwjBK6/D1DPta6QhLaFAinRdX0ospOgUBlbTJfCaTr6LHLPeG+dnjBvfQu8RTdsFddFfuwJcZBL0Ap9XuA5fbiN4nZrEPz0/KS+za5x0eCF3QkoyBWpbgDOP8y8BwrkT/x0i3kzQH2Gzmo4hnh7StnGIJFSF1LQgTY7siuoMtZSbpZqI4zAVPKRI/VnccxX1mPcHiZsAYDnEhEWGd51W1UeUja0TwRFluazviL7+912bm68u7ZTm8PedMT/vqdzLPmOsjBXuiIDr6gPcgXVQsBUoWQ84FodTuBFPVoYSsqUL9jCUrLutINKY9DSrnVyp8KNv50q5m9wNXLf/gOAJ5ZwohPgTzck9GRCEYccWiEhfXEh1N3O9XwggGH+6zmsNth9mDib+qviHJRXkm+Dfbc5SfAKDWw2yCAV2+bWZh+umNV4F0zXkSBA+KtVmUISfyNfVrnkdkrn5zmOyPuEREuff6zSc1t/xeCkZftaRm3XNbmN3Tg3aawUupv489OKRrfHVfj0nSqf5ClIU4U1TgM0lRw/Tsxr2LAe/N0dgBCI6ZqN1m3vtA+2a1KlHZz6GNuGjtrYFuZBiYtz2MUy/Wi1O64cx4PxFIjMB+MzKN7tPRMEmZqolVKTSMsPrysW95EdYo4c1a312UX0FKYOpwjPKxWaDlyxfuf6GOgRuwnvP959QM7TMOGDyKgbT0QqN4ivx8aXrq6bshCooskpyJBCSoJTF6ABXtAmwrcCd3ewR+ixxNkUDFP/6V7uryBe95WgPRIEYhjCaq/INdLG/G58AFGVTKyOpdoAMt7ZDP5+1mGp2aGPUER7hrNZiMpkBQkcPopXa8EwNk91AT2Ke4tFfn6Qk7WGae8vpFMFiWTpdqoOw2qqvaDa61do9nFyrSEWlRj3b3XCPbLwP5yKdAlG+m4hNJO5xtL99IGtOE172dAYzPIu1Dee1J8TA4Y3TsU7vfqleg57A70St9s/RL0In1M6XjeV4Cfyr+PfOZN+OL6Ctgbh7P9TLL6XwCvMbfXSsLYvWbXMdVK0gzPA/KNWH9oIvirJAuZfGjOaQlj+Vb4ZBQLgrC7w8QEHFVMa87fOIdGdcM6coI9AYWIjzmfTQlN3Hm63SnMeK1+gE9dOvizhKDqW3ne5Rg4lal+jldnj6oyBFkwR2WIzuFdeUjtWT2eB8oBfnpLEYKxiU7dlyxq/e9o7rUSizQ9LvptrLwzNJSZoUCPMY44jHtnheZdL2jgwCdwf7g/JYewULOfFIHcSLKc0f1Hya7g2Cg4ret7d773MFuwOxYLKVFh7eoq5w8EUWkP1Le72ikFvKL4H7KX5e9ypYqJ4euGC+OBf5g+7BsDSGXyYFUZ+QU5ENaEMEICOeJcyxsTXAxqzq75wzQvwbVhieieEOPCsDszYhxdPmoq3Min8iorloe4taeoaupu3Qn9f1sVMKO7vNUdgHUZRAgBUzn4ON8svLTrFizOJ6juEkus7qNkXcrOx3Hb0XDxQvaV7Kikzg99YrkHzVVXRodlPfRsh12e6vjR0bMTDqIssI/PezObDE+n3mkW49p6o3vxmCAbm+VCCK58+j4IrmCUTz6JOv6srpcgAE0qjozEjeuTy4hfG/9uXwPcTdHmYpEXBJ7lQHIEtZH097l/ygjObqspgqbdUdvY7MSYEhWubQI6tmCM/w6bur5a7MUzVCoUmk89rKBQ5J74R7yozhhtJmj8AdWs4v1rSmBVAT1q/h35BwLhLsimO+VYQV8cumG4UU8njWjV0n7OAHIUuAXbDPy59uj8EfR0YDV8kMqNSEuukFSQ5i48ok7R4KyXz5XssyZ5njB2WcIv7VDCGX1o89kOnQ1dpNw0CcqyRy38W7XT8kAGjc0H7svG1/Tx5ny0ZdC0dt9rXU4Fhg9Spx5ZuhxTGuzwPfmzcdfuuYdi/Tf64fuh07qGtf4vh5ynRrsDmY/3sKFiTOTcHVQLoXhUUxe86e8Y8rH4wnfIrfUxXKLfYf9wk4mr9Cv4iH5GSyIldP16Kj9A7vbayiEQSIkRSFllbNSZqKBijyZ3oxXy9zkbpChQPUHfZuDs6TpiLwpxK1cdACNPUWvxZTfG3DNSIE0dttEAg5bKiCu6Se5PRFBLxqUjl/1Sb/TwJtQFdUHPGynPobU6yyOKZZAGGYCnnIItxR8+krcNviq2JyAVej5UxgBW3f4xvpomTOWnmbWX98lWByslO1j+Ijo2qBvu5raGgebsRLKlYdVlC88Uy3DWuRI1nc359Y6venCCjvYbOA2OIDsOxRxBETMbvN0JFQwosy+tvVA3ZY+P8fkKkptHdP0EQ0DG6mQDx1/EMdvV308b2u03q+xIOP2ratS2yVgDfxhO13XFne6QE33F7N5ZMUIR9W0EOCP54Bkcn9LlraySNVyHBeXgRYw6ePsJv0o5WjQoD+9WbHlGN9CP/95BrP8YwgVBVLbC84R0KIjpzPMi7FsYHozKSNzp+PHL0BJ6CEioo6LHFlbWjmJ5pDRZ7GiI5ha/546GYRIsZWhVCDKZQ9d9zB4kTerctbxcqIN0W0JRWOyoPz7HFZG6B9fKBQors98dsqqcAyLdUPD7y/KzzWhdfWGOnSyChwwhlSaxCDvcaH3BHsAb10lA/KwQTWpDl/Q7O1kIWSTbfmker/Zauu1BJwcFnae9CPrghx6bwmKmtKjx6W/4Q4Kw7YP26xiphoowqrBuy+rhdLBlBBOXY08sM2egGeM1x0bgbYRLI22Phd7WamtU+98aRChtq4aHMX1IL9mPbiT3f2y/omtL5jjrpGdML/5g8vnBV0guMb6PbGHGeq8nTgBMfmtEzOeQXXMTbLalMqPFQtEu7OWG1qS4QH6WzRLILu+3utRY5koNG3mVBDXrZRUebScezrnK1sRs47p6BYfB7/tAPynMupFZKUZfv4dvVN05VIwJCw4EZWKzrBIt9Ls6e6iPBWnHc/4hx+WQs5YdfjXTSJRl1n2nB8g3jcQscWJ1Lo1VW4pUdb3PVx2CSW4P/PhM/MJGsPuELXrx9VAR7/JssBPLd9AapbEDGTliIHErd0qsye2c/tJdCjgR+tuKf/dP9RpKbnC2FzDn4Ep3qL1fK41sKuKSPv+gK5vRQTR6nVoBbFVBLBwhLS6AlpgkAADAXAABQSwMECgAJAAAAqnVwSGRXeYAcAAAAEAAAAC0AHABlODEzODcwNGRlYjgxNmNlNzM5Mzk4MGM4MGI5ZDBlOS5maWxlbmFtZS50eHRVVAkAA39x6VZ/celWdXgLAAEEIQAAAAQhAAAAbYWLwAvySEWw79SNzCRqcsEYDpZCOnUfofrEvlBLBwhkV3mAHAAAABAAAABQSwECHgMUAAkACACqdXBIS0ugJaYJAAAwFwAAIAAYAAAAAAABAAAApIEAAAAAZTgxMzg3MDRkZWI4MTZjZTczOTM5ODBjODBiOWQwZTlVVAUAA39x6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACqdXBIZFd5gBwAAAAQAAAALQAYAAAAAAABAAAApIEQCgAAZTgxMzg3MDRkZWI4MTZjZTczOTM5ODBjODBiOWQwZTkuZmlsZW5hbWUudHh0VVQFAAN/celWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAKMKAAAAAA==' AND file:name = 'billing_8cdf0.js' AND file:hashes.MD5 = 'e8138704deb816ce7393980c80
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97180-0498-47e3-83f5-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:20.000Z",
"modified": "2016-03-16T14:45:20.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_8cdf0.js' AND file:hashes.SHA1 = '1f5e87b765d80915be17a86d6af1cb08bf6c7ce0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97180-ecac-4c92-8686-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:20.000Z",
"modified": "2016-03-16T14:45:20.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_8cdf0.js' AND file:hashes.SHA256 = '9139aa984fa1854309220de0b2779d30b2280628482d26f50f3c7150596bb915']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97181-d3f0-4298-9090-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:21.000Z",
"modified": "2016-03-16T14:45:21.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKt1cEgVQVDcWQoAAEIZAAAgABwANDU1NzE0MGJjNmE4MWM4NWM0N2JiNGRjZjA1M2ZhZWVVVAkAA4Fx6VaBcelWdXgLAAEEIQAAAAQhAAAAe7dpYh8OisEur7aoydebW+F3/sr7iLYV/FlbSM6Kl4bXJtA2sS3/RO0qPhdA7SAg9tiK01sEffE2SecCHsV3M8o6pjpQP7w3pobpHJ09SN9/PaLcKP6Am5qyHM7r6qqjVtd/eLWuvx0vcnCH6oNK+yMel49maK7tmKq1M+CJ6WcHBnsG+nEoPAZU3J8wbjXpl4dCL66/zRXnzzfwof24EdhYHRtqOl1owilIUQ45ZuhxxRPs63+xyIk1YnYYECkC2FP3sRgzERVhPRZ+VAklJNq2gN0vll3Jr0ZLkQzY01SHJGT6uW2D+E0a+Losn0VDhKxFdDG4CfygyrhEDUC6KsUCysGNtXgKChletH19yZLYvl4wYBToKgJr4sah31dh0Itzgy3haw+T3GOkzzAVtwaT3PqBXIxyHhjBjVKxoqoVOvjknZsIsRS9Yjin5EigVxwqB3KT293YziYy2Oi2fLnW7RcfrUVz4mlj9ugFSZ80+ru4dLpoyhkvN8CA9c6d6q/GHMK3T5/qoqswmiE8bU9cMXthVcdIaKaetXsdUikUVbCtB74pAZx7oYPgb8DlK4zqW1fgnXICQPjn+hiboi+6ti1vc6ihgMYCl/wWN7r8UoCjAMouS3jmr6oPvzj4azqX1K3L9PFUgo88z58m9aa+3aEFJOB9mzMSn5NTjT7/BsSmHWiP0uOMARUm2dPB8ZXZ3RACcfMCPQcigLNjvOQ/wRnnciwmbbKF296ovqbyUcIXo6LFa0+w/XmWbxN85wEV04pFTeTJuxg1yBcQgj/DcYkM8tLQ7zItUUXctkfrvxFpKE0lBMTshItS39bcKXnGCyiC8c39WeKqKxYAEO+drOE8DkKBwA4nZCO32QXTVRyMfXhnszUhbE3QrnmqUXPVDYByjMUccwwPtKQeWjr21EWZDVNJHIkh6gl2vyoJtSLbX3+r1ZPLPBT0LCMExhIKWhtA7S4RrRBObgpTvWJdy0YvqE6ObozBP+2ibpTBP3+lDMK/ysOujLT8JRe6LgjUb4PJ/630CLGcLAndOw/sbtDFbty8p0OszKA5vKHM3SSO/aIaDyLkzGvcrS2XAV6VayVJ+RePfRA5QhlPo1/v0MfDk6qBZYkdW9ZJPh7r3rGhgKegA6BFcRZuqhECsF3w78I/ZegQ9E7eFGityk99Z+6hDWYluHiXC8fOSWcbGiS9iYVzlfuxaV05IsfDPmcEx+Wo0L8fLj0HKQv+TRszwfBwsGLetdiDxZ2ApJL81vDMHUFZ2h4OQCi3IgPeyRbqD7rNELlUqXISf2IHd7phJSQqRCKNSYiHf7CQCYnCLawIlPm0HNpHveZt5AdtssU174VJHmA1AgkCo9zISx2JBYl5wAlqAQzdVFpRkxBBKvvGwTqZiGyjy/zCbJxskTZD3RBhKmfwawxTlu5oMwSC5oyr7oxm+rIBBGNfvG4/nC2Oi+h3YIo7tdwC0+JK3OgtzaYMB0C/SoItwEsizYbOQooniYE4i8zUbYestGCvRRjMu2tG1JanfnoxElNQeVxQtKomGzo3Ai8ia204+MkmKviP1zv7idEe60QC46cd+Dl6UABxDI49LHkORgW5K6QD3arKukUKhXIq7vTSVXXeheg5pCfM7iHXtcENPkAGwqWY9jO1/JDOq4qjVWC3JT/+oQ7WRJ6zjrSHfV8zRSBTkEAbr5pX5P5WzkobDeRb5e8tn9kMMBu2GB8gHJDdMmkj2xoffn0Xs5ghSa712KjUlZIq/D3ihq9tCBCIiUWdN1pbNjAk5KnBLmmx67Ngn/2kbjQqB3oJ9pLHTsG4e1/N0QG58bsZ8vgCXPcYRW8Kq7ICLiSaIuBgrGodSDes4IgIsfcemoPPUdqoPpVtBsfMI4TDXU9+Q+yTqejP9O6/BqGOcNolIAerIAEUZi6haYsvoaTY1TdIqtKHRk1j1Q8mCKsf3QdYS1V63K4T4KGSIsTt1iYD5oJyyHOsHlkiLMX5NDbxTTbbxs6RiASiNzsM+1IAyj4XZCaADHmi5DzZ72MP4p0HkK/g9dZFxzMkJ7hbkYxYPRQj0wAyzBdTPAWKPYcqihPswo9I2bisP8rGbwGd89t1OaOP8J5/oiwcvLaxkztcczDM020a1eylZWFavmD/JragSWl7hIUzczXjUbR44x1XI4AYho5p0e5OhGudf5Xw7blHRNnlnp2NzfjpAFWdWMwDZysE1MmiFqddjvYLj0SFmiTgQeWf6QE7H1SXJX5oghOfVGyAm3JZNJzvM8bdY4ojf4lD23rNEve8/XkQIIWKfv1KYE0cmrLZ3IzzFRtIDYr0mjD8wAwcVHJS7WVQ/LRn39/BBUydHktLrbyeYVJJ/4ECiyBxTKXKMUt7PgQJOICFAKa+ty/uqQL7N4mMaJuxa53DRXExSO/t9rPjk5FmOA5LynZfZlk5qWZsx15qEus4P/0E9ENJ/dQCHNUPwl7Ml2Tx4tEi5nWN/2+APM0SbD+C+mNvHXmkTOqKsp3EtZOKKWv4s2td5FJE+zcRmMZtZNrMZHtduoB61JtYMxAdFol3h7g5F5cS1dDxzzNJmEYsZAlF3Q6/khGNmqNT7hJ8pUNSup21DWTaeSddmYhMJsjrTyPneeaIWmhuws48Jx6I+gShqoNs8oPKBORqES7cDYc8rhY1Y7UIbLObFF53u0y0xBlJD//OF5fJ+E2PU1AicUIj6iWh65v+uuux5ONR3ps3RGGcMiUZalCfqO8DtdC1wcspM9tzwbsd+3Z42e4Ok4II7j7jnvVCK2X2Mq3rO22UNAUT0RD0HVyKqYR5nh9k92hxbPphV+c9Ml0UQxfu29QQ1cvT6IFndGJBcSmJbMyquTeQssdAhCyYhuvs5zq4gQIWat88vXnCYanQOZ67YECm9c9/I7A6qNvmJDLb5uhOOPrgPXTV22N+8UHN/M8gafJIZ5vnUEY9wUCI7XRHs/8ZWCyoP4d5SWuZUNlaS/mni/jp4+t4QrEvzlopBSnWMkhAF40FWt+wE9IlO3xyBSg5Y/5IQooBzjBCgIeTuv9lgNiMB5xeS5FMHNkXh75/haGUIXvL9isCbsynrdVTnEfEgYeOSAlWs9NxwbnOF8rfD12mFWAdd/o/O/wQ1ozfr2vWbooeie7+CUSHNBU+YYBgOqFjVBcYDV285RXDnLkagInui+cqAnEP3v4swk4Gqh4k9YMq5/Puas8bgGVoLjfkzLq500mn+R5EeTFSU6HfBjSfSb24fvlZuWchlpX6VIG5mz0QMQ+urjpJ6acYv8DrBukynHtqY66fdOkAhDrcRkhqrYZNEDxUDEePsWf8LaT8KQQRbCaWNglpIraZ20yDKHPuS+0W4PWOJqxKxtLTKHTaGSIbFcI+YjGJQBj++YQkIehPLnzUszCfh+bMFLyOwJSU85UsS9V2uxtyo4CM3nis+CaYwoSgaqgT+kAa6vyuoCZl754v8vm1hh1h32wvw6vRq1mbOOizkFeYa+N+mlnAMP5aWkEAQA+glUgMGcfPC7SgCEe+5jJNOL9qUEsHCBVBUNxZCgAAQhkAAFBLAwQKAAkAAACrdXBIai4eTx0AAAARAAAALQAcADQ1NTcxNDBiYzZhODFjODVjNDdiYjRkY2YwNTNmYWVlLmZpbGVuYW1lLnR4dFVUCQADgXHpVoFx6VZ1eAsAAQQhAAAABCEAAADhyNteZsNU2s+8YEmGJ9vwn1Ce5AJr7xWBAl1ln1BLBwhqLh5PHQAAABEAAABQSwECHgMUAAkACACrdXBIFUFQ3FkKAABCGQAAIAAYAAAAAAABAAAApIEAAAAANDU1NzE0MGJjNmE4MWM4NWM0N2JiNGRjZjA1M2ZhZWVVVAUAA4Fx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACrdXBIai4eTx0AAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97182-5f68-4766-867a-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:22.000Z",
"modified": "2016-03-16T14:45:22.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_9ad0d0.js' AND file:hashes.SHA1 = 'e669abba590c4710837c86a749aed5befe00409e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97182-a914-4b59-80f9-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:22.000Z",
"modified": "2016-03-16T14:45:22.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_9ad0d0.js' AND file:hashes.SHA256 = 'b19eabbbeb7752fb44d933677ebac325da856af6d401bd5826193e3ae976036c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97183-32d8-4e0c-99ca-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:23.000Z",
"modified": "2016-03-16T14:45:23.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKx1cEgqAe8ptAoAAAQaAAAgABwAZDZiYmI2Mjg0ZDczOWJlZDk0N2U3ZWJjMmYwMTBhMDhVVAkAA4Nx6VaDcelWdXgLAAEEIQAAAAQhAAAAe7dpYh8OisEur7GD180E7cIa5BVcnuoYxZh21LTp8F24xFWvM35lGm1+5+4oG3jmQrLlDhqJBswqHIBRCtiEb+QHcL4IwEiciqdYjuMI0O/opCOltJ2CIdzu+Z8K42u8Q6qdBjfzB6XDBFGQbQ/a297YsIOd5iTTxfJFMzdDLf1K1wN/QtLhF9m9B9nRCeGCemL7EdI0YH6Wx9MuGvKZ6znh3iKr/hHdGMASpK/Cs+6RdmUqA3HLoBlidOlOhJcoUyR3DsN9ZZCJddT5ZStHunmGfT9V66cJhkLZcaE51kUd4GxR/8UZad7x8Nxr1vXa+9yTSOGlxCcZF9dUCDAIA7QOX/TNJaG6w1HV7k8vLapAYsus/MrUvlCS/zpWeFCJ7/oKtRORtKFMd9BB01CRrjd+I4vqtMzUTrxnu11adcN2YX9SNU/pW21fZ+T6xHlAWCoUiG8OFknOcC2omxc4sPSgjX8n8Lce9Fv+5IVt9hKdG86tPldBiGBTBrK2L8sBAeAT4AQyu7FA6e2f/ei6Z72evmQKlYmJytYYt5nk2V0oVQ9LN+dbN3M7ppPNvlzSLNdnYT7YwdQCW/T7jzxmVGm4sv1WS+ix2DnX+Cg6o68ujQxhT1A4gakjVb9btNHRyhOSyMGACxbgiRc8GMwN+iVq7A8iGCgsF/sR0+vLU4tXwk9IBLaNAZbjBTSXdMxKKsFzi0L+oFb18buxQ9vPwZ10IB2X+9xhaNtZSfI/2kFDCMCM2Xp+9Epqa51Zc4lUbLlApHCs/FLYZvmhbvdKagOd/eHQBpp3khsWJffAvLFex/qqKmzLH6w7yM789Al++UMHTJe8YiRTelkjGZUK2QRu0Z27V4lXyhplKXnEsEOXwllxtoR1XgvKaQ7OwX9gioQ4VkQHdXo3+1LuNzsLbD4HYSEoaLTiemz6CDPjmlrHL55oz1LJw6OjrXsBAbzXfV2sQTg749cR7sJsiM9YCW50+vsYWn9ASqRtUvE12AjeuS487Y9jCXJLb1TsQ9LnDoeeX7AfPcU4PR8IVxubqmqn2wi2e6TZO4ZqgLN9GSiNI6ztjuAxyimHRyVw4u0204RiPSb2xGBBpjhBqUmvk95s+GipZZI+aXl41dpTzMrYmqgGCc9VRKFAnLfBr8nJ+ql6274m2BCk/taj8fXEWDyq9qtRghIbQLcgNVBQuK/RtjCeeRClJKnuo/opGREUQd3zH/iVACF7p4FuhBsUsd/G9fdcoLXaEJqjh/CQyeYwXYmrn08xLmXhq6x6gpKm5A3htCPAgYj4rDEZznNuU7LAiH/AMj0FvPRK8a9dMgRajEERef2++Au/MiM57a883i50d7oZMfiJjNJqCRdRjRPctehfoAhfFYjb5mRZBWS8BaYCyGDqKvP9vn3iWo+3qn2kK+7wZinDxqmDBNMk1WxKuXoVNGNhWFAT5zrpqrZV6wLUDmvC7k8s/UZS8HzjeUSKth/MH30P7hNzcPvD7ZN6dPwVxUtoRtbFwO4S2f1hWsE1asImqAeIswL/n0DEvRaVaCCULDchKMOCQGCQgN1Mfg4A2qPH82Q2IOvyrGeyMAff5BH/VOJdM0y9nFfYMq3VZp+PToLHcoUoviJYxg/5aH4GKdcHNDleNZIugXYXC4SGd9mKixuEFP5ywFUKMIk+TSarg3gSQ/03xTM+xZqTl+hiZh3s4gtFU3Tt5vGxfic8EmOYXiZidoAGoklOJSBpFZ3S2hc7NR3rmuEx3nCoyqQnlqt0QflLgYFlbKOnhMOALPQL5yNhLGhdvzzmfHuChT03LBe1D5Otxj3uMf7dSnGQuz0QA9czVnrOffqhcLTJTC+K/OekMU9T7ByuztUO0AH1IzvhTRNRR3Mmjvq+4feuDIsZBtf7qEsunCGbtfvj5UvkT+uS++e6o8notRWFzEPeSbA9csBL+Ol1ov3q3snjKuFiN5XXB+6q808c4KUBQ3FqzfVtoGIk1VB2C0LXkzjfK8CZdm8E0HMaRpSvmuchEHao1qoUSeQDsjd7lBfK1XUxQSCEcmpLCgfiO/Dsh9TL5ZrTAKEecZ/WpSeVa2RvfMsHT/qFcPO63zdZQOk6HZzyzEjIe0m7IhiM1V9rCOQPPCgfmjnmejOBFCbeMme1fPm6MF5oCy6d+CIsgKj8WYAii8pezC64/PpTHkYou8b9KO2YHUhI3cZwDvG6wWpfx6O33NyDXEXgz91WsWsgGVeSygj2ziukwBMgRR6Z3u/jcIuauHRlJwVdpXw8rRAN3A55UpX8zREQWjRyoK4k+SLocn3Fqh/1+j4hBl9w4l61Y7FEptu6ICjJIMjaEmi5RGEqES1Sr4o8vrCe1D8tSooPMJlfqTnaTqDuLMtT4s0TlgDqV3RnvSrKE9CY3aWZwQsFmofbQ0DXoiAwXoac2zRJe0459pKVRp0Wh1ofv/LqgYaVOoVmiAtQOI/802wbhidcpPwa3aqfISEBmN8PjYOnHXJMrkiBhEsSkAn8abOdGTfF6bpJecNJKynpzDRoIMDW+KJssGiEzu3bNZLRVHLhIbe3kgi8Yy7sluT/B5LhK0iYLh8+RPHVDyGF6p0ci8ineqAV6rjnYYgUW7poDhFOcBL6AXKXJ0JdyckMYmNxc/uKBpdBv9X2iFqHjqWNul/NpeckQI6oLmiZl4L5CJgccPAdMi8fE7HG4AZHpgOl1mivEQvENSwerbPKXtCJSUyRsRGtERPnF+550sziAjaq9AcFRJJIFlpMw3LaSxonApNtq4LPjHQr5bP7dfQnnzuutnmzRZkH+1I+8zmaFFkhLrniN5qjKW/1Rk8VrdI4NeW0ugON834uOMYdh4masE22qDhGvooyoLhc79NaybONjTfdOTJlfgx6dJX4dm1PHacKNXD34qvKalqoViR354He/Y45QEVI3NFD5XZF++aSyNlxglGNBtQLzeT7AMzo9yKcYHcQA2T9JDGJinj3SqnKLvTQRwZH73hbkw/+FSuCxUGvAY2j+vGzSudfk2MKierwD9GicLA8ojf3ZZqqfsGitZSKIGZJ3mTwRh9abOxt/krXb3FLGOXCyYfvD7FtP5I83E1XFv/iERPgmlOj2d3iTvoub/SwYnfR/kyb+iGQxgaMMglLO61dve938BRxq/Z3Op2UwUcERk0huXC7eB62nqzHLtBNx2vF7J0OlpidWD9BEIRp/U2UZDucEkyO3l8Pf5Z0DMI+lno0QlfQHFPYgNAr6eHKP1oWL90UFG/3e7tLuqy+W/JBqtZp8ryfJOOSIQFxAe4/o87Yj+17AEsBxIN2YmhQ4IJDwpCn2UWn2MnjSP2g7Mv2n/ySfjr1YQ3ED/Aer7ooNf4AWjDhRcFp4MVGbz8dm0YlpeXb25hYBMwZ7SoOge74K5Fni7lEh6qhPt6w/quOzXRDWMd9B/KQTo44Ln9qSFI1rpWxlBFa3V8XYsMhDBkvodYMVyzrquNqKvDzIdJVfg7fkz1f1J8dMDxnhCNPOIiWoYRYpfi+axejhYuA5VisksrIpakI4zh53Xl+Qar3MDlR7a8LNwl79zBr/+MKQXs6jRTnpGDKt7InldJKr5ltKZ1NLK7dVXPWt/CIxUxpmD2EenWTnivWiPY7Pxq3arlybJ0JxL14MHzrQwZlp4lpK4zJPFBLBwgqAe8ptAoAAAQaAABQSwMECgAJAAAArHVwSOcL4VIdAAAAEQAAAC0AHABkNmJiYjYyODRkNzM5YmVkOTQ3ZTdlYmMyZjAxMGEwOC5maWxlbmFtZS50eHRVVAkAA4Nx6VaDcelWdXgLAAEEIQAAAAQhAAAA4cjbXmbDVNrPvGcOZoHdywr1Cd2oaP6wPFSGXs1QSwcI5wvhUh0AAAARAAAAUEsBAh4DFAAJAAgArHVwSCoB7ym0CgAABBoAACAAGAAAAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97183-f304-444a-a01e-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:23.000Z",
"modified": "2016-03-16T14:45:23.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_9cf3ea.js' AND file:hashes.SHA1 = '9dee2449bb746f8522855971f8911d9d56a884fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97184-ee70-4bab-b42a-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:24.000Z",
"modified": "2016-03-16T14:45:24.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_9cf3ea.js' AND file:hashes.SHA256 = '72867590c7ec183db9121586299aceb63857906a9a894ed318e3b8481359137e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97184-5de8-4df3-ae65-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:24.000Z",
"modified": "2016-03-16T14:45:24.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKx1cEjesqCyJQ0AAMEhAAAgABwANTAzZWU1N2M5NDJlMDg4MjRlZjQzYzM0ODY5Y2FjM2NVVAkAA4Rx6VaEcelWdXgLAAEEIQAAAAQhAAAA0p2FaM28cmMycEy4JBlhWiNF/QBDghnKpWnU97a4bOeFuPpKkPzY1G1CtWdijTlsmU/6EioLy4uFfthiTdYFdPHz0k5Lf67aXbAcozyCywNeW9KZdBTsJ+A8G6jLkxy5WOpQf/0ID5PXjM698R45tJmAhazH8sDMvnZf5/PmCbfQnJ9fd9fSSqABwjVl0tB2Fn+fSH4xYUrR/iL7X7ELIXOTpsIcy/NlE2XkjDAZ9Y4+2a8QPyPi8FYUQj16LumJfs3Rb540YIlDps58teAEGaN3h8AOtly4YgeUuMZkZiQ51kSp6nDKFR2JZ+8iIbRaW1WOeMlGaGAq1lxrJv6SIFZp6KcweYGctKvh64kTSuI1qGrcze4cikb39JKzF6v5TXRQBbvttUj9vMbrj6gUApS/1/G/Y+KeFaP933RqXpPGwSaC/j479XvVVmckZs2tqPWfYRbvxeTYmXqU8syypsUjEpvwN/zSf4Wz/xTseB3YkwnHGj6wqAwXrB46NE5EwGHaBBzr+9UzjdDH3w1vMMTBmvavZx2HoGpSzgNKlTfHsGQOnC9m9NIvgYo0ITeNzwq4tpD3vQWIYqZ1bn15+Loczi9iqM/29dxodvnY0SE2f2PsHa0CJeeOd1utBLzbESi9W8tGyTP/RjNvzCiVnKroOczgpjaNwm/Fm27BfyTN1ll1N+Mc98n1k1C8v/oBwIaw0uNy7u+VrDtvJOJlYWjxuzdH9nhW4OpJsFngaYPKqTFZHM7M/ZQwACcA2+on8nMAFb5QwwwMGMec7pIAXDUpPDkqLHkVEFfRJIl2mT5A1wRd+8tBqeBNwPTegcIngcdfFrHHAZ9UyrB/tbYBhfofaTkiFArDlofhPvVX8Rebr1nI5vOt33Ns2Ut34oCMIn1UxdZVsg1TmeaLZN2bc1dvc7TBtGrhU47Od7gz3SAFbvw0gg7JKJa4ui0L80CD5veU8/aI5I9Lh+DJVQUvevKPK74aDFnF4uiJZBQjlW6aF5fRB/LCal6WEL0hzAQcRRJ4BOTFnEmbDs82mv9ZNGrshA+eudxP4Ems3cr8ZsiLaMQaH9HzTqalyas2CBJ2AehQvu7HN9h0AdEdjfLCUR37VK+bk1FhUWPXjHEov3dM+kW9qJvXNOJ+gyY9FpaKckNboDMsUrDLKiNQujIDey0Ty68gAbMaYQTACxig3xPZwc061dvPyWxvmlJB0+cipmtxp67AfNqkvXmFnWpbtn/tsM5ipdo0c3DbiwDWZGYZh8Q4VTsWt9ObX/2R3hHrFPYdLGzji8ywhnDqfOgb+hSd0SxF961YKVrcPMVTWbNhaUU333fcKuXdW5vhJ8eTDWInY1gDlkOzcT848ucO7XuqWpBJ8H2QzPFOfSVhaGSy4HtpE8E+pDyERttzrkfSo9NRhjOpx3AbqM5/VkzTh/QPwRJ9NQHWpX9OYZj9DkjSc9yAamGlTFPyRUaf3Dz8S2iJ4kgDc3aAHThhXiUqd1aYaf9Aatd6N5m1HBwAOEnMDd7rpxY1VrSXZbYvDXpQWEuWJKmwQciUz34yeEwgn+5lffsTd6gPauPNRufzCMXmIVsmJ7ykmhp6DrF/Xa9HrzyVk0WUWOdr1FuoyJGQDxePvJ7Es9LNUd1BRGpBxiNAqCx6UNa2kgC9HsJNscJvhFSCOQrnPj3Kkb9RsrFTtdJS4uG0H0liNKRHf0cRcIgPO5qKz75CxgztXUmgpm2A6sy1IUz3A9kcllQH5pfTiNpjQ2/j+OJvTmuPEJbytVkU8gBrlExUukcfKFPN8oo7nGdnFIUO/P6cUJIKMwduzLNB8jR1z+FaHpiO+v8rFUBw4lQd0vCP1Ss0GgmcjoUOToQ/qsbFpklSfqgnyjR7DsvSITVkHV/1gve+K3aQLPerjPr1u/g1d8y+3EzM3ZgDN3larcwGoh9dAMzdf5dKVXPJvY1hgs1x9J4T3Mxakg/PsTLfepz3r501fJnINGbTtSsbSP2pW6JM8tN9N72hInWucuqurTQGyeGL9NJ01x7hoUTncVMbD9KiePYfjyLdFjuTvnM9luvgQDhL3YKVQNQLr4Pp7X5KSZ+CXdtpfHAp+AVU8AAcAOF7sefiNOv9RmZhR/MV7KAjfPBdKq5i+Bn3Sm14ioSwym81iev7gZS56pE9JJuKHOkQCP6FFNEo2WvtllIguFeBhsd20fHAHD9r+0n4CSuX3uJDt4LZZoiiAfsWUP2HMpWLFK7YtoIi+Y8FJLuBqInGTvPhSVMTunZb65KkY3B2GlEPR5320adZssZ0v+F6P+50wb3kn4yw+GnmSeTUqLK1GDHRlMVz/qJKr1fXspxw1dHgxA4et4D2TNTkq4m1fK6sIWpIFuM9yW6B0WrKc/+WpLnadeSdEiG/plqYdV1UBywOFiq6u0HYvZGl1H9NyAQMbCBHSAGFZxAT0QnJTwlXSJfV6bgz+r7N7BQp07Ikz5Urfqv8sebhpcFdJ+3VrHxhIQz7iFblhXHZ0BBWLJIeRx6EBYcJSEV8V3GGsbIxI6wDFmVJSewh2N9OyHS4wAW6aSEbw50ppR2QxlzL2JhkuCdRwTYLvambtWCea2LV5QKDQc7Xypf6s2nxLA68TK/6u6/1O9TXRTeEvjYAsMdHj4U+5inFGgJkClGGRLjJn9cIuMCGTpUFzVvXIfwZiGZMP0x0jfWrmzYsVd6cH1ykt+qfDwPJ2+Lit9ld6RJetpRLn6X7ocap9zny0w4I2NI76GkmdhZK9mY63QvtVcLH1NVE9UH2iL5uqp1/ds7v1va2nknllNE2ooTS7guHCxaNeXJ2bJKGSvAi4wxKdUejfzF1GcHwUsFG8FsiwhFv3KK/VDIWh6mxi1prre0lfSaDv1CxI23tvZgGoTW7dNzxLcCvElzUETdTwoVXI8IQ+r5RPvPr1/E5oJ+Jx0x2295+a+QhL0RLBjpFjztjOtV/RyRgbqdmM6krKmq9AVYBjvrqLH4srhQ7ubI9RCXcjer8iXQVlU+kavuA6dZEXK9WeZMMAag0665tR8m/NEdAqdtWouPM7kZudjtBQAC+xwpTHcQIAm2VXtN5CEs2zFxYoJFuHRA30fvL5nkchGoCtOjXcvLuN6sjJr+nR3yTVak0ziYodtLq0/MViyCUdTLT1/dLMe+l/LDa2BT+Lcua0rRJH/9kCfOjt9y2ZJlk9Fju+insqqvn65ZVQBs38AEBeUF7BWYlDW4qj32KLy4YewNgQ60jIsZCpDps8Tw5kTI89jlO1Wf7Xqg5U3V3OwOybItiap6QLxsNkjIlJ+A0rGQHu8TCjFCgyRnAiV7z1VR1M5aiguD1ELgR5M1wzV/uxhm9Jla10DC9RYhQgq7bP/U2R8zmpore/RFwJxN2NbScIlLxiALfdIiaaXR+OlM1Mcsprg2vOWibuC1lsKV1mECFzXPy7ischNAa12/cRuF/AK2i/yeTB8GXgG8A5bMNHK57qBW8yt7c6tO2gJtV9+lzkTdt3ZBaIKCWxp1ofJwNIHpaToQKhcLVMRRxq8M33kmrp8xpFysd4Snvm2bfuHRjkYL122quklxjSnR9td3+mWhp4C0UeNdkLpVD61Z2mEepuCmkWDBqsl8HLYU5Vbzziv8Kc+RmmnlIZjUsbIwZpC02TFPYNw/YDPwgK4e/SIgZLKy6OJD+Sge5KwsHA75ei46zsUlO2jEfcW42dxS3u4j8+7iWPo8/wwUdEp8rV3GaVvJDlfhTb6aJIY7/AZZBeMEVgCQZyV5O7Ve0F/llVx5pxMbxeEQHs0fFJdwuMaxRlzReuakm4FrH7ANlTHcUuPWYE93rRveIxoe0kixpnXJsBvsguiuXVWUHSKVWx0hQUrODMkp6FdP3Mb10jKZjEWYe4cj3kxmo0BOMME/7zye8cnw1OSMxEvj0N8BjuJ
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97185-96ac-4740-90b2-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:25.000Z",
"modified": "2016-03-16T14:45:25.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_20c78.js' AND file:hashes.SHA1 = '029127ab0253952451b0109d94db5e9a247b08f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97186-3348-4f8f-b521-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:26.000Z",
"modified": "2016-03-16T14:45:26.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_20c78.js' AND file:hashes.SHA256 = '06b4578369cbd7241869e4ce5a205274a920280f0484faa05fbb6df42c0638be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97187-9be0-4d9c-a1a1-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:27.000Z",
"modified": "2016-03-16T14:45:27.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAK51cEj90OewkQoAAMQZAAAgABwAZGViMmFiYmY0MDE5NTRjMzAyMjFmNTE0ZGY4ZTU4MzFVVAkAA4dx6VaHcelWdXgLAAEEIQAAAAQhAAAAe7dpYh8OisEur7Ou51wcFbfNlWiCmaNbn9aUhjRuqQFiZXea65eT+OEnYjlERcG4rhh9WIq13jYcXeekpNWVeiNxdXrz4exB04AtJRg3EQLxkL2ulwpnUMYV1dlBrObmJimsloaZ5eAEn4VSbG1cGuvoc0fKQX7EGUTK7LU2a/5akGHjL5dJRsMVHkXWZB4T/2ngVNSibUYJDnXuqW4PAfAw7MCCdvSq41bAzSt+2BZVgPOyZch9B5lwzVzdCwSr/O1+xtIp9QMnKkxvx7Tfl2kL409fc29NkeJqvCy/LG/2EnwxHAmVyn4nfEhT/TrZz/R57ra9pLA7qhnlK4X74aiGaesjHRkv1yHpxln5l3A9+c26dxx67jZNQfzI1+Yn0on79BSZmMuPyzZzPwxII84Hwa4VzFsddbnOkeXJYttUaxD+I68iOJhszfXe4D3cJ/Y4bBv4M9/PZt1M5VkafVgcqk64ujSNtOQ2s4FuXE/clQXtZWatTe4yYI0VVJ6yyPiJjQo2DTvfT/n/ZPAVZpPHA1GFZ7ixzhlFT5h55bg/1DICQ9tnyhsZEahvGNF4RwLlEiSj0yjymWJbvboDAzwRT+/XuNKEAEFFKz4RprqjBBhJTt91nAkfDYWVDx/tDpzsrd8ZIzjdmRIhOBRctTRkokM/X8UkffHoLJVXRCnvBYyH8aM0GJyp307evmX4+XF3Eq0Z4M1085e85lfLBMG+x6QdPN3fqf5yjFVP3q6L8vcACGhkGaos+gm/ZqGKRMbRZX2eC+/msMatStutT/azszcCiY4rX9IFxT4s6Wp+dxK6nqjcr/MhNb8kUvaRyemGmuFt/HwXDJWlxgAjuZfOr1aU/ULXRPj0FS5pyUCq4cPMHryI/YvRGGzymNi7S/SJUCM7sxVfOLFQkoKlB2Oh8uQ/1fovJ4fgvz0KBQZJf209WPoCS2zw4FR5+gQM2saohvhVCBCr6YCuB60NORira2Rxo7hJEzrVwPLiF4u5IRgMYrW6tQ2ydPqsWP/HEUr3DTPTth90GeOdOvQCKDMKSUrMKgijq9W9ji1046TXL2bQhp487N5CNJzU9QTOOdarsS7Rc6dir7Ovh1eu+e89VMgBBGmfVPEOflrC4DuZpd47d3sPVWTgOjHYIDumj8cb+do5sQj3KjXQ8UGjxl/VLVuxHE4YE/N84o7jkUidtArELEbQp6Yjaw71XFYkiqe/7Vu3553FHgFjHHGpQxZEjaXQ9Q/T9lHkD9Ge+c1vL49tbW2bP2uvdPebzK68YL/RjC6qPuiB8GcEXAxWicei/oU/uEfpNbCKx9M61PbwbAXFRzUMIveYmLCDVBDLy55ROWV2O42Byt2NBJj5qrRjAYkEUwS6PJQmaXh4dcOYEL/PNbp7eMAxp6ZyWyElPQw13NZuDlPHghmSy6vMn7rSSU/6TAOHfC40NFfsehbVNCS/cDikccyIYTZLaNlBEzP1y7Kzmtazkg9fzmpSPLXBE22rkyJnViAhMulU1iv0+GFL7gMUgKAopBnLekCvH0CNKYdyvxnGyg6k/gzwSpfDS+atYsErMWoQ9hlqMaNuxDJpTwDxrkcjtpuK+3WnIN7SEye0kFcCAJecVIWZt6uzAufonXiX5OKCNw4HNfBtrgPrd08krDdMYuRSz0JWASpFyfD+7TSJ3nOH9PZevEg+kD71tz+qHVf37qeuU1Dkv3IejhpLPcwJEKaQlRuM1ivIhrltF9nzKCEP0eIP9/CemFIqdaskZivsf7FMEk75cnOe/7M/72IyIZkfSHnqj3zgWzwuUQqh7KDAnvngyMCOwufI6E8+RGpaqCR9oFsPvtg8P1LuLvC+iO0yQ8POP3Qo6GMtfF7CYObFJxiF3dwkKK6RsVmMlXjCvEpzoOGbIlnlKHIqVhUy0/lT5AnyAyBQZKKKWk+aJtUZgrsfn6Uv3iPWHRSXoYgmNFoltVDvf2IjyG45aTQV/ENxDJ+5DJlJBGxytJ0ydD8ZxKe4HKtncwMDANvHxxSlCaliGwKFzO2YYINC60vH1rKrCi5QP7eUNzcpMci3SRESeBxl1QX0G9T98N3lmEKgyRCOfAGSa5WumKYPMG1STC+STOWwcCJusAqvgZpwMBgSTMW3fLa6uO0FtoZ5WKALOhOFPam9BaPdyEanGsZxkV8wkj7ybMEJuior2Neh7bUSI8ixWXMGOKiWksq+3/22/1R6Pn+XyHQerLGaqQIEeF3UfwKXE120c2ac4jeRQ6gRaIoplDdw/fVsWHTbgNqknncAhqemhUqsFf4gSFWswJvaAHW7D+EczOrMqe7XXA7CANUnl8xvnwbFEFpeNUYkUdIJg8fdXQa61Vkfk4FAljr2MjYCRkkgDG+VptBWmaIAAL4hBJhfVCWa630IqezLOeCHFH1f57lxhzuS/E02DLVOplQQUP+0omy06ZItzyLukveZreg0uCSGIYyoWraifwYlvfWyULBfJY7ST1dgF02Yz+/SgjJxptcfj2mtWvGm5J5OL0wGds4l0TtdmlenSu7mSgtWZCEbeKc7txkQ1AbC10nimxE7XKeWDyYPrEbEsq//fzt41b7wHd/KphCMzpfhqgnJLGd98KqvuPcG1lVE6gcamEZWRorRfbit6A2r3CMfAFmguqDXFOxMwNXor5vk0bSZQ9mMGWvXmDewB/NKFeIASgJ7E8ZEBvbdzKITbAhH7jjoTQ7kQpgk0j3fJn850xxZlfylHrSGo67hQf4uBDdpAlUWk16cRWiKvgOISm414r4GEhczBjopIDSOvOSmR4SeNVEMJ0NCkElMxqplgaXy69hhuTgf27q7BzYgTE6s5a4QTj8YbLKe8I9nAILq5XLMB5nQ7kwbpEhjcsFQ2VTE81vXwBCUynmQIo4S/MefSEsLn6+0302u/aXO4vzzPrSuVj3z0KRwJuQc2WdGgxZzOGpihGpbNZY+3tCsh8ncF8M5mkLIpsDYoMkuHQWtxXPnr08eDi7d3yER7GTIyxbqea3mPtfGku98gsjNxS5hpvlRAtqDxvd8r0nL/GS1YRPww29GzkBixG24yGo1kr6kynkgHD0R2lucR2KCM+rnBPJytYWD1L63qBT+UNC7A93bwAo9OT1A2/TJyH8p+YU/3rJeWiLhS5S7MBaoDX6w4ldT+Z9owTKaL5TZrcLn8OB9Hw6tDtpaDZaRWot5AUIUvluA964Jyf59DtDlDS+zzYz5Eu5U04p4B+YsA5vSDgqO2PqMl8xGdIfjS1XvtgBODRe1utsvgykmM2OXdnPKb2YBeWS/TOAiE/LoybcQbn3vFBin/M+r13EGwM3o0A2T+QdBR3WZ32WgzVP+BhXl+UzbzjxClOoxIdnedHVONTg72TwJwqgGuxx28Gy5THpQi6cfSK1CLC0wJptIRmtsZh3tPNYXshpCBKuydWkx2wxvfcJKWaBn1nrPcmv1y566rZMX8IsMnpQpN2T4j3GQggR7h/L83xrMOYALj0LT/1H7jnLtfRw2L0r/LzLNssj3Vdk1M10MIoXsOeTgJVN5jCRSpOg2L79f6UETVSLsulP4fsZiEDCnq6ha+tDZW0aCZUPa4zZl17pZKqqaGzgqOTJQSwcI/dDnsJEKAADEGQAAUEsDBAoACQAAAK51cEgBB6zCHgAAABIAAAAtABwAZGViMmFiYmY0MDE5NTRjMzAyMjFmNTE0ZGY4ZTU4MzEuZmlsZW5hbWUudHh0VVQJAAOHcelWh3HpVnV4CwABBCEAAAAEIQAAAOHI215mw1Taz7xlaoROWq1vyXwyt/32NsOalErakVBLBwgBB6zCHgAAABIAAABQSwECHgMUAAkACACudXBI/dDnsJEKAADEGQAAIAAYAAAAAAABAAAApIEAAAAAZGViMmFiYmY0MDE5NTRjMzAyMjFmNT
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97187-fb0c-4b5f-a322-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:27.000Z",
"modified": "2016-03-16T14:45:27.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_32abd49.js' AND file:hashes.SHA1 = '723b9849cfee315fb33f16e176166366f71d32d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97188-ef98-4237-8345-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:28.000Z",
"modified": "2016-03-16T14:45:28.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_32abd49.js' AND file:hashes.SHA256 = '5b6684eebb00e4f63f2a84ee95a75dd70059750e9b4618e56c6cc84693449571']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97189-b310-4f83-875b-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:29.000Z",
"modified": "2016-03-16T14:45:29.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAK91cEhoSvR9EAoAADkYAAAgABwANzAwZDQzYTE3OGViZjY4ZjRmMmQxZjg1MDdiOGU0N2RVVAkAA4lx6VaJcelWdXgLAAEEIQAAAAQhAAAAg4R1E5ct8hfqcyQNmSuQzMqh1otNSOZ3S4vo8dFIIwvC70oJ9X49thGrp2ju5ZqtotTVhLIRhzNqEpohZx1xrm/2ITFCL6Lzb5gRvbgLOH/hoDBCk0S6zIWylNuMWw3Xmz/U9bIJT+madh64aIIPNGTV6c792Lb8OMFdTD97wgQ4kcsIEO+86Ym6TL2TTbZuHSU/tgGnne7T+mtLUYeRBwtWpFfW6vHm2Qj0ejlKENgzT8SXI38HasBc1mKXPwEcpjSHhWfKQQY+Zpd8Nwq7PcVT04lZs68ThATePci/kRVs0NcMUOH4iVuNBN0LTCUsl/daHtkI9v1dW4VupPWDhCBqO1ylWla1W09RQFxJwKGo2djA6wLzuClvVpGo/QKnXkL8nLk3ZyIvYXclrSXRCbPcuZKAXehcdh8acIPWYwTW7K7h8tLEKLVYg+RRa8KWg5+I2Ax+39wqhedwQY1HX2+YDpTtJvuXV54Jgrjdwvsqr2DZGNqEpswfdBRWOObnVhRqa3sLSYnNphaj0ZJhhD2CsWTJV6kPphvHoJkM5P6iMfAZ+Og+ho9GY9rkLIGrZ80RfUje+2vm0wlOscROebtdkTWtpAGUZAa3dHu8+gbJy8K7eUfl/aXWIoQnGpvU/ldY/h5q2E2ayF/bynC411HZUu9dm85OsYLYdFiMD7pAyqKfJOag0mzhS/+YwkvZx/d74TsyWwY7Unctkm+Tq7GNYOWV3xJ3tCaeJd43/uy9zvQeCYCXLxZ/o+DGwFn98Eo2KYOaM2253XMhFmeRZq91x2rVMlymKAnsEkvTFiIAwzHcztDyvrpoJaje/DXFpPfKGOmK3cFBaX6+Lpqv3369gNMNRuly/q8L6Wn8UA3KOIDgZS9LoXLwD2rSzYEM02XoMTt1WPQuOyk/S0aQoWbKjRhZvnVDC6/M7fzSnYAvtbPrt7M40G6rs+VYngv4N8Hq3jQ/EVXvAjKsNdqkUlp0EMGm4iaw/EXNFp5n8l6hFEqiiPs+xbBZoKoy8oq3c2S0rCIqDNIqKtVUmRjacjSLL/sqIZLijym/nCa4boh4X9wwVBqUlO6CrLUvzn/j7xs99/aAGXXu1IJEKC/F27dvrf2pshtKsJMEp6ql1HIEYI1zqvUCqFMDokbB+jXOeRSfNGuwxKqDYsR0VD++jTAHWJ4q+UcAky/zioRdciRpK8kAH4EVDH8PM+p8LL2X7p7VbTfzj5EYnEzdqqci4/pWrTgxsz93O0jh16e9+gPr81vWSyGmwaxPZgjPTRTxDPTOxyILvBSmQwAZ8z+qN4mzz2BrSeGSDyTX4D4djz0M1zPrK2xyvKrtHx4PjuEqv5DJecxxdbdJt+2schTJxUZw8SxkYa2q25x20WJKNJkNFiczF/iVd38kwzrq46VJtbgjmxfUkUuN4u/t8QIDKb2TDsVmXHxvTDz6re/rO/fEQy09d/+lCd5W4i8vHgPcf8NZhXlJSmys3zf82j4JuWAfP5kMSPIV+sx2Y5JEM5DaoLcRwnB5S/qWYg7YC7jT4H1hjkffuIRG/Nlrfq9TFJYTdHZi3lYdw30dQWYEEs5tdY8AJVnPDc9toQX2nEXk8CDdN+ny3a8CFXDhhGviNruq9j24Yu50F08QSPiDpTAGCb1AHwX+1edCgHVcuSjqsyFx+IbJs1Rr4j2LTXRDmitWISUpMwwGNYJUdLCKz/t6R/9Xhxmhyr7gfRNRjMWyBEiMetMjXR8CR69lcDIZiw9OumMAFYOp9QBZaMxE8R2XNUuv0DRTbYV6HgUZpYXyocCg7iFVhxiVR4VOn2tn5hIhmD6hRcZXPipmtMsbgvVFiMX3CKzf97ON0rV9CJAYu5wNF7neAQCz/IbaMQ4R1NEJmuhvsXBoUX3vtvftWQbzvK/eCNYdsnBO0/+4cApOvI3fnT+sZ0zs+CzeK5KrAL+QUOxnMRb7/EcvSy2TRfA8wPsVYfe0x6PHuivykQC7PZCAFrulVFWLrYTYDPJgsI5IkAe23p5Ot2QMaF289jBXZS30JBBqld0z2GqT9FP/QcfH36vsVzSIpXASiQMbFpInSDzxJkL2t/gTrp9jVsUxTQi1o8lvqQGivbemtmQ5Ztjn15jpsBIGuykv9ian+UuYbwoQuI+his6wP/jx5RO8pYZypRPIUas1WIz+pDjkBsiSiSI0j3Q8V+Fa2VcIt5RTRshNMtzTfoIj2t7mzFj20nHYmdxqI3G07VGTPLN+YbcYxhYBN2gMH+4VihTrgWbZkp0DgP5z52ZzchK/GhVYsH5G1o46wOc5pueT74Nmnnyl+yxP8om/7GX21S+an0EXl9IphQX0wj6H1VOhUpzuoXBqBKezlfAddwc6T+aVZp9xuKOf13soouXduS3POIIhedbXxMR4vPh15YyXPugPZFYVjt11ZULOGrld9t6g5iYIBKk+tqvjWwcWBsuTYSRs8OHvprDOagvO9meb0iJzyVsk1eXqDY4hasYlxc2wFSIBDmWJhrRaNKtm8oUyL/R24Zpryb+xlCYCSN3qNEjHjJPqHCRtSth7KmRm08LRrMfjBU9B3jePDc8Gvn26w0trRsnscK1IriulLHeVZIfkJZuP+QpLIW2PsLaXaQd6mLJBWSu0PkxpME2FzcLyrDfnIz5w+WE+ooZDVAVMX91ZGqVPRhIIjahNt0TO4AhybVWLwVobPyYAwl10zNhk+w+DqOspE4rggWsNN1iTS7849Fq9E6KXYS1jigvtKTSAIzClwJw9RDylkDV8t4SdjRglh2xdNIKg6MvrMONK0X2brMG9wkLnIW8qPrsVAX5g1NXXxjMF29fkmucwVnnneyfMobWwACGIcQ+q4oNOdvy3Q5DTCRX5KjNatw7j0IcRSH+oz+R9eDDtoyOJtoiNP8tC0xwU3yhH8Fw7ejT+xihwU2Y7NWCw40YudVj7IGomZUZ07ZBGox5/dKz17LgnoCC+XXI4fvXad/O37VjfD2qAUO8aExthJ+tXQQ1Qj+fHxnYFB5mhoAVbE47mkSBQW7Zr0ek7QA0s8zqAETAmgNAfpy5DikMYVUYovFrmlVy323GYxhIpYv2Hg+ZjvH8vfJtsCbOUFOZBPqioZaSyiZxhQYndMSqh9x8LDPhTQDME7Ri2A12rV/ih644DWnpPOE4tj6fFdLoM7NxdIQ3iZ12XhC1ovxpgoUB4Sa94b2Dd6qsIa/TfziU1WN8/PAOV5kglie4fyt29OXR6X3+6KcdPnX8Jd5TkYiWrIanGlfWs3Y2f7E7js2mAfGFTBWwoG8jpyznF4JFtU6E7MiPLSD/mdN7IFM+G+yQvirOl9xfnv6OBw6lMl7k75aThkrKAFG3NO69PnGO4LkfKV2T44FhaDLGubdLnuXs/bBq9a/J9EGpB14I3EaqgLMMp/FeEJjYrnm95BTMQSrK3upPzcOtQSwcIaEr0fRAKAAA5GAAAUEsDBAoACQAAAK91cEi66UAyHgAAABIAAAAtABwANzAwZDQzYTE3OGViZjY4ZjRmMmQxZjg1MDdiOGU0N2QuZmlsZW5hbWUudHh0VVQJAAOJcelWiXHpVnV4CwABBCEAAAAEIQAAAPDN+aNaiYoe6uAOQwNLsBp6e+sy2NfC1ek9KAKZuVBLBwi66UAyHgAAABIAAABQSwECHgMUAAkACACvdXBIaEr0fRAKAAA5GAAAIAAYAAAAAAABAAAApIEAAAAANzAwZDQzYTE3OGViZjY4ZjRmMmQxZjg1MDdiOGU0N2RVVAUAA4lx6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAACvdXBIuulAMh4AAAASAAAALQAYAAAAAAABAAAApIF6CgAANzAwZDQzYTE3OGViZjY4ZjRmMmQxZjg1MDdiOGU0N2QuZmlsZW5hbWUudHh0VVQFAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97189-32c4-457a-ac40-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:29.000Z",
"modified": "2016-03-16T14:45:29.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_86a39b2.js' AND file:hashes.SHA1 = '5594cc0915c01943b2dc5e0ab5ff352d99e64859']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9718a-daf4-44f8-afca-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:30.000Z",
"modified": "2016-03-16T14:45:30.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_86a39b2.js' AND file:hashes.SHA256 = '5909c0a62465af0e1b8b00c1b8cf56511e3805e5cbf0964054109c13496c684e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9718b-d4d0-4deb-aa49-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:31.000Z",
"modified": "2016-03-16T14:45:31.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIALB1cEjHuZEeWgkAAMUWAAAgABwAMDNiOGQ5MWVmNGMyODFmZWY1ZmMyNTMwZWZkY2ZmNzhVVAkAA4tx6VaLcelWdXgLAAEEIQAAAAQhAAAAg4R1E5ct8hfqczt0VSaZc5JHHtVZeaKI5ndRmrG8cenV67F7lKgtIau5wk43WNekyvN4WgcMYXH6YnTisgxxBP9nIHXy0SXzYjAZvW6/5ne5y+p6tSz0Kt4bA2crbt+OuHLpcScWRsi4Cbf7zucUR+rs7tbuUA2uIyFLcQKG4bIxU5LLWIfGGrQYsclR2C+r4BeCDLmGreH/8StjB2CsLnZtOyTe/73lsx5+dvs2HY3slpTg/OdEezA7yY/LRJMyZ7Mgk9WIxfetFV7eW9z2S7FeJJUz0QalOscjLGsy43guZ8dKHIsr2OIW3tOR9i97CGI9J5QlBDdvA/w4I2tTCV0NXtHiOc+oXP917st4blVLiVO3HryexrLJMqG902L1wI58zWD5fQmf8uDaSshWTidIFmq3SnZfjUbqeEJJ4mEAo7cwELSL3x0vnzzdN8zyhR6NN01dGLCAs646VAjfAOlUwFa803rVh8Ca5HAAVIWWKg9O94+uL3remHL0xw3fS97EljZ1SfHcV3dQSasVaRiKm3CdAocxUYcvo/NyHo2UBd96pBhZ8dq5UsKjRkDsceHrLzIFb6g8GIhAP9j7cJNbdRZREVvAjv8nr9XnnRzO50NQQv+tPxM52nBaOBYjHqV2cRcI1b31DiUXxursjhGnf81X8eahuJAOWvGBF0S+2AJ+cEhxSiPqArFQA/nbK4BjjNqZ+dgezJQ0V/HmE1Mp6Ekl2htCRl1wy+F8hDQi2NcPnCOjORRHTtiSIn7oEvmuM7DsitH42Q+DYrG8IyR0OlMCKcCODUR6RjIkpLVSmPZCDSfaSU7GX3SeTyQzDj0QMg0FOrLJRV6oc5/bkEVcNDk3DHKQsEoG3iL/mXBLtxD1qKFYD40hRgxxCxwVPL9NyRc0MigiLgbB23VasMgVbXgz2gnYaZk0L6/YeL6+/+hUDZxsGmFyZgkRv7EQqZJNApaRkyj8QY9nxiGr2bxnDfipaPMWBjqaXKMN3UjaELgi1vAbJjvKSvZP5914+xOIG+7ZbsksLUsKizakGUHcaLxtnX9BdewxSwjpUuu5euKiScWkg8aujN03ALHJNz1SuTg2Gxn69Ler9jUaC1LLFgz4T+WL6cPaCo92HkpearqNmYuNh3trH0LdXAMf5B7cVN4WNvOW2t1Ft1GxyJNEqaSTl6RshDX6KEKrvyE+0neNF7idko3mFStdehocrgCvD7zohjtOjiyoxzqlYkH+qEvCHfF3jvsiOY3KNJ/cIIhmEECK9LIq1JT/PiTJAr8EPvyH/0KQtRP+IPauWSRw1bB2zwxEJVvThtitqYL2GB+jIav9bMZg2QjhZ4QncTnvvVL/gIRpB1r7/3fao33oNQF0bgRVcAB13v0GZnWxsJvrxR9OzaXuLaFfkfK1jdR3UaU8UfF3v7tDdKWOERZOjqFCpqpK/J8MFbwYE/vU1oITQ+khxoJL1BHf6LvZRiHUf5lJ/4OUl49CwEQNagazuq7GJ/lG0nUtaRq+TiN4093t8xYUukfa33IDMpqQk1SG3HQX1U+kTCaZUr6LoH16wIDf7JVn/9dwoF4mbijpNBWVOBkCKonuFex2YTnGvRrlDluqtsUWwSPVsQruQ8uEmuHt/hKPeWXe1IzY/2cbX0gY55sKPwlwGbjHqvy9lfjGDwPzR7YK2xw+HIp15nbHeAbhRhkj+6DZKMU9z18zIvoIXLWu+tFPZVDlQeyDnvD8HqhJtRs3af6mU35vqoeEhkX+UF1hwcc/lPqxBv9/WmHNS0E8Lk+anzLNNaTKbAi6heAqqXpFNsai6ycOFktQPR4pDlZYYF/F1LRWMeiywzvpFnw4kzoJaC65g8GjRJmyFaV2gKRulqtnvQww/idxBG/8eVt0CZXu3lBuvX+O2Sg6lPLg5t6AAUAQ4Vj9GzH/GMCvkH3hE7BokSti/ryHz02D7p6oSsGYh7AKghDBsp0G6LiNzxXDcsvsoeF1UZuZPHhB6H2uCqkvqz7BpFAYqMnv1AzRXz5Yd/WEEizqLlo7ko4lShapCx86or9zT81K/DwZpKbP0n8lShg9v9ZcD3LPCOZeta/gR2hDDHb6PMDTpqJ3BX3Aa9MrJwAcjwTHAgcxS8TxX4LOiQn3LnPrc3gR6k9zrPGRyys7o5GSHhovH0y/7UfyGdLPVENtk+MuCOh3HDsroDt13Mx2rE9Fg43fqMO0QgxSl9CIk/QI5WWx2b7kqoXqIdkn3l75TCdO7ka5ICwWMHWxzXIy1UgIt1Prl/TBrAd/GiVfOVAGk6K/ZnXwQiVNgpo+8GPsv/KdZ7OfEn3If0n7CXsbcXL+OU9RNDHTkAqWluVVSeOHL279c+2HZ4j1ZzY4oP2bSm77CYh0B6FQaH63KUUFZ80uy4Vgy1/NJ43KT4kkCvaK6RWkbGBpbibFkSG831KkAePLBnX/4B4czH4Dl4G0uGCaynwfIBahIkwpSVtcTHH87EhMbkLc4aEf0rnCYZp2Odsft5VjSydDllg7BjsgmqG2bGKuWDd4cEqMH7w9TFS5zMUO4c22nhY/MRryF/I6y1U2quGL/fojLydSMKNO29aJAIbyF3/iA9FFdjP7pCOL19e8PEqTbALrxl0coMLuLm+t7HWholdDkY0wpIIxcEbhBzmBPudU8bqlbOCe2QpVmwylISBw7jepH7780Ght+gxQSJ3dGA/H1e5peI2D+UY2RmKC7MFxFikjHh8wxkGPE/Gzi0ssV4Ky4lfNhCS9Y1Nf0lasMN8IFpNLAO7kJjiIo3/WmQk0jxiLHZLYsUxuD70g2w9Jf4jechwHWQf5WC7sgBAYfceqCyCRZd4f/po3fMmlvEYdl2amk9hsWcZlEvJyTzbJuWLe/KDW5nniROPt34Mqf7jabC9tbfXnK/ge1MkbkI4hynLzxxdaNXf6upuEGFB7GCoWigvQaXkTHERgdtmr3kekf2SYYTv0XsFS86ocXfVnPhcykDxRssDsWCasEIOcWIWXo/UN62dNYDzFiGEeUx4xv5fvF4VW+/m3I8U+/DeMdV02G39hgxFMFbqMfet0A05aoGfUoYBU5++aW8Mck9Xj//PKZ/xmJeID4HePPqlqCQAFXdSRp9+bwssQbS5+dAicUlCedhNjzcDtboHKCEfhZctGUk/A0GGj+VbyjD7830Okz7KfbKMjtP33K5rEqTssUEsHCMe5kR5aCQAAxRYAAFBLAwQKAAkAAACwdXBIBgz7Qx8AAAATAAAALQAcADAzYjhkOTFlZjRjMjgxZmVmNWZjMjUzMGVmZGNmZjc4LmZpbGVuYW1lLnR4dFVUCQADi3HpVotx6VZ1eAsAAQQhAAAABCEAAADwzfmjWomKHurgEW0SXrbtRba1tZ/es7OdAl7CN5gpUEsHCAYM+0MfAAAAEwAAAFBLAQIeAxQACQAIALB1cEjHuZEeWgkAAMUWAAAgABgAAAAAAAEAAACkgQAAAAAwM2I4ZDkxZWY0YzI4MWZlZjVmYzI1MzBlZmRjZmY3OFVUBQADi3HpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAALB1cEgGDPtDHwAAABMAAAAtABgAAAAAAAEAAACkgcQJAAAwM2I4ZDkxZWY0YzI4MWZlZjVmYzI1MzBlZmRjZmY3OC5maWxlbmFtZS50eHRVVAUAA4tx6VZ1eAsAAQQhAAAABCEAAABQSwUGAAAAAAIAAgDZAAAAWgoAAAAA' AND file:name = 'billing_110ad2c4.js' AND file:hashes.MD5 = '03b8d91ef4c281fef5fc2530efdcff78' AND file:content_ref.mime_type = 'application/zip' AND file:content_ref.encryption_algori
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9718b-ccec-484f-a1f3-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:31.000Z",
"modified": "2016-03-16T14:45:31.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_110ad2c4.js' AND file:hashes.SHA1 = 'fb5085a47c9d5325169dd32c34f03e14092547b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9718c-0034-402a-9fb2-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:32.000Z",
"modified": "2016-03-16T14:45:32.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_110ad2c4.js' AND file:hashes.SHA256 = '396f97e573bb221b71f402ef04a418505b11c2d43e190e55221345c2b4a0d27b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:45:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a7-debc-4672-aec3-44fd02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:59.000Z",
"modified": "2016-03-16T14:45:59.000Z",
"first_observed": "2016-03-16T14:45:59Z",
"last_observed": "2016-03-16T14:45:59Z",
"number_observed": 1,
"object_refs": [
"url--56e971a7-debc-4672-aec3-44fd02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a7-debc-4672-aec3-44fd02de0b81",
"value": "https://www.virustotal.com/file/396f97e573bb221b71f402ef04a418505b11c2d43e190e55221345c2b4a0d27b/analysis/1458131411/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a7-3d9c-4b76-be74-45f602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:59.000Z",
"modified": "2016-03-16T14:45:59.000Z",
"first_observed": "2016-03-16T14:45:59Z",
"last_observed": "2016-03-16T14:45:59Z",
"number_observed": 1,
"object_refs": [
"url--56e971a7-3d9c-4b76-be74-45f602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a7-3d9c-4b76-be74-45f602de0b81",
"value": "https://www.virustotal.com/file/5909c0a62465af0e1b8b00c1b8cf56511e3805e5cbf0964054109c13496c684e/analysis/1458131487/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a7-babc-441c-a37c-43de02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:45:59.000Z",
"modified": "2016-03-16T14:45:59.000Z",
"first_observed": "2016-03-16T14:45:59Z",
"last_observed": "2016-03-16T14:45:59Z",
"number_observed": 1,
"object_refs": [
"url--56e971a7-babc-441c-a37c-43de02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a7-babc-441c-a37c-43de02de0b81",
"value": "https://www.virustotal.com/file/5b6684eebb00e4f63f2a84ee95a75dd70059750e9b4618e56c6cc84693449571/analysis/1458110370/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a8-3eec-418b-83d7-421c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:00.000Z",
"modified": "2016-03-16T14:46:00.000Z",
"first_observed": "2016-03-16T14:46:00Z",
"last_observed": "2016-03-16T14:46:00Z",
"number_observed": 1,
"object_refs": [
"url--56e971a8-3eec-418b-83d7-421c02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a8-3eec-418b-83d7-421c02de0b81",
"value": "https://www.virustotal.com/file/06b4578369cbd7241869e4ce5a205274a920280f0484faa05fbb6df42c0638be/analysis/1458128356/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a8-7d0c-41f5-90fd-45f902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:00.000Z",
"modified": "2016-03-16T14:46:00.000Z",
"first_observed": "2016-03-16T14:46:00Z",
"last_observed": "2016-03-16T14:46:00Z",
"number_observed": 1,
"object_refs": [
"url--56e971a8-7d0c-41f5-90fd-45f902de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a8-7d0c-41f5-90fd-45f902de0b81",
"value": "https://www.virustotal.com/file/72867590c7ec183db9121586299aceb63857906a9a894ed318e3b8481359137e/analysis/1458133185/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a8-65fc-4f7a-8ffd-473002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:00.000Z",
"modified": "2016-03-16T14:46:00.000Z",
"first_observed": "2016-03-16T14:46:00Z",
"last_observed": "2016-03-16T14:46:00Z",
"number_observed": 1,
"object_refs": [
"url--56e971a8-65fc-4f7a-8ffd-473002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a8-65fc-4f7a-8ffd-473002de0b81",
"value": "https://www.virustotal.com/file/b19eabbbeb7752fb44d933677ebac325da856af6d401bd5826193e3ae976036c/analysis/1458131448/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a9-b99c-4fe5-9a36-480b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:01.000Z",
"modified": "2016-03-16T14:46:01.000Z",
"first_observed": "2016-03-16T14:46:01Z",
"last_observed": "2016-03-16T14:46:01Z",
"number_observed": 1,
"object_refs": [
"url--56e971a9-b99c-4fe5-9a36-480b02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a9-b99c-4fe5-9a36-480b02de0b81",
"value": "https://www.virustotal.com/file/9139aa984fa1854309220de0b2779d30b2280628482d26f50f3c7150596bb915/analysis/1458112867/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a9-7f2c-4397-85c7-42f602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:01.000Z",
"modified": "2016-03-16T14:46:01.000Z",
"first_observed": "2016-03-16T14:46:01Z",
"last_observed": "2016-03-16T14:46:01Z",
"number_observed": 1,
"object_refs": [
"url--56e971a9-7f2c-4397-85c7-42f602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a9-7f2c-4397-85c7-42f602de0b81",
"value": "https://www.virustotal.com/file/c976e6b67aad961399faa2147d54a299574d21c030b3f565d3b06ea3f69dd490/analysis/1458133551/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971a9-cb20-453b-a512-410802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:01.000Z",
"modified": "2016-03-16T14:46:01.000Z",
"first_observed": "2016-03-16T14:46:01Z",
"last_observed": "2016-03-16T14:46:01Z",
"number_observed": 1,
"object_refs": [
"url--56e971a9-cb20-453b-a512-410802de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971a9-cb20-453b-a512-410802de0b81",
"value": "https://www.virustotal.com/file/fc86538969071aa5653fef7759d408d0595f49a32edbfd080311466ff38c005f/analysis/1458124339/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ab-d234-40c2-833b-4e4a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:03.000Z",
"modified": "2016-03-16T14:46:03.000Z",
"first_observed": "2016-03-16T14:46:03Z",
"last_observed": "2016-03-16T14:46:03Z",
"number_observed": 1,
"object_refs": [
"url--56e971ab-d234-40c2-833b-4e4a02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ab-d234-40c2-833b-4e4a02de0b81",
"value": "https://www.virustotal.com/file/3e6131108e2e25b068be1331cb5c2c938d58c11d9fe71a7022867c45f0a37a8b/analysis/1458131606/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ab-4c98-49e4-bb93-4df302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:03.000Z",
"modified": "2016-03-16T14:46:03.000Z",
"first_observed": "2016-03-16T14:46:03Z",
"last_observed": "2016-03-16T14:46:03Z",
"number_observed": 1,
"object_refs": [
"url--56e971ab-4c98-49e4-bb93-4df302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ab-4c98-49e4-bb93-4df302de0b81",
"value": "https://www.virustotal.com/file/4750d2e22237806dc486b2b62cad75bbdba472002e8affe2bf12e46631a674dd/analysis/1458131602/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ac-3cb4-4870-b80f-4bcf02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:04.000Z",
"modified": "2016-03-16T14:46:04.000Z",
"first_observed": "2016-03-16T14:46:04Z",
"last_observed": "2016-03-16T14:46:04Z",
"number_observed": 1,
"object_refs": [
"url--56e971ac-3cb4-4870-b80f-4bcf02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ac-3cb4-4870-b80f-4bcf02de0b81",
"value": "https://www.virustotal.com/file/57c26d8eb40ab3e447a170eb3f84ca3522ffac8854e18045ff99efa47615a82c/analysis/1458131459/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ac-8848-4e99-9e31-478902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:04.000Z",
"modified": "2016-03-16T14:46:04.000Z",
"first_observed": "2016-03-16T14:46:04Z",
"last_observed": "2016-03-16T14:46:04Z",
"number_observed": 1,
"object_refs": [
"url--56e971ac-8848-4e99-9e31-478902de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ac-8848-4e99-9e31-478902de0b81",
"value": "https://www.virustotal.com/file/c136c5c128e95e4a083f759c48e93d9f4d59125d51efed4e169488385de9269f/analysis/1458127492/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ac-5814-427e-a44b-476b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:04.000Z",
"modified": "2016-03-16T14:46:04.000Z",
"first_observed": "2016-03-16T14:46:04Z",
"last_observed": "2016-03-16T14:46:04Z",
"number_observed": 1,
"object_refs": [
"url--56e971ac-5814-427e-a44b-476b02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ac-5814-427e-a44b-476b02de0b81",
"value": "https://www.virustotal.com/file/381419177455ac798ee039919067709905c74ebfbb024bc64661441245b021c2/analysis/1458131420/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ad-c4a0-4f57-9795-4aa302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:05.000Z",
"modified": "2016-03-16T14:46:05.000Z",
"first_observed": "2016-03-16T14:46:05Z",
"last_observed": "2016-03-16T14:46:05Z",
"number_observed": 1,
"object_refs": [
"url--56e971ad-c4a0-4f57-9795-4aa302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ad-c4a0-4f57-9795-4aa302de0b81",
"value": "https://www.virustotal.com/file/34a0167c1038006c46bbbf56bfd9ece8a6f9ade8495d54251f9b31eeaef1c881/analysis/1458110083/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ad-8b94-4f7f-bc83-40ec02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:05.000Z",
"modified": "2016-03-16T14:46:05.000Z",
"first_observed": "2016-03-16T14:46:05Z",
"last_observed": "2016-03-16T14:46:05Z",
"number_observed": 1,
"object_refs": [
"url--56e971ad-8b94-4f7f-bc83-40ec02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ad-8b94-4f7f-bc83-40ec02de0b81",
"value": "https://www.virustotal.com/file/602b4084ec641e7c6145a5bb2065b7aa40fa2fa3ee677a495fc85b5b1063772f/analysis/1458128435/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ae-86e0-4cee-afcb-4ab402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:06.000Z",
"modified": "2016-03-16T14:46:06.000Z",
"first_observed": "2016-03-16T14:46:06Z",
"last_observed": "2016-03-16T14:46:06Z",
"number_observed": 1,
"object_refs": [
"url--56e971ae-86e0-4cee-afcb-4ab402de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ae-86e0-4cee-afcb-4ab402de0b81",
"value": "https://www.virustotal.com/file/261ce0cec0faf247d00bc1c8866c7a25dd037ee2687980577eb3c326c236f3e1/analysis/1458138250/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ae-bfd8-4feb-a21d-4f2002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:06.000Z",
"modified": "2016-03-16T14:46:06.000Z",
"first_observed": "2016-03-16T14:46:06Z",
"last_observed": "2016-03-16T14:46:06Z",
"number_observed": 1,
"object_refs": [
"url--56e971ae-bfd8-4feb-a21d-4f2002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ae-bfd8-4feb-a21d-4f2002de0b81",
"value": "https://www.virustotal.com/file/91d377ee2119ab7283107dd0fb3ede3ab5650557eafc0d343e757004990f335f/analysis/1458130121/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971ae-2e18-4e5a-9c62-425d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:06.000Z",
"modified": "2016-03-16T14:46:06.000Z",
"first_observed": "2016-03-16T14:46:06Z",
"last_observed": "2016-03-16T14:46:06Z",
"number_observed": 1,
"object_refs": [
"url--56e971ae-2e18-4e5a-9c62-425d02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971ae-2e18-4e5a-9c62-425d02de0b81",
"value": "https://www.virustotal.com/file/fc28df70d52ee41ef72c3abc7ce35d7ef38a1253cb137f3d6da8461a0888184b/analysis/1458124330/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971af-23ac-4c22-9e19-418302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:07.000Z",
"modified": "2016-03-16T14:46:07.000Z",
"first_observed": "2016-03-16T14:46:07Z",
"last_observed": "2016-03-16T14:46:07Z",
"number_observed": 1,
"object_refs": [
"url--56e971af-23ac-4c22-9e19-418302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971af-23ac-4c22-9e19-418302de0b81",
"value": "https://www.virustotal.com/file/a9616f75178f5946c0e3b1367a1dfef034ff83f566d8e3285d9f5d0bfbae4e04/analysis/1458131411/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971af-9ed0-4d53-98a0-447602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:07.000Z",
"modified": "2016-03-16T14:46:07.000Z",
"first_observed": "2016-03-16T14:46:07Z",
"last_observed": "2016-03-16T14:46:07Z",
"number_observed": 1,
"object_refs": [
"url--56e971af-9ed0-4d53-98a0-447602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971af-9ed0-4d53-98a0-447602de0b81",
"value": "https://www.virustotal.com/file/e545100971c16946bbd4a86bff670c17f8440b3efef39b6391195e47a55917e0/analysis/1458121188/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971af-23d0-46b8-939c-4f5102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:07.000Z",
"modified": "2016-03-16T14:46:07.000Z",
"first_observed": "2016-03-16T14:46:07Z",
"last_observed": "2016-03-16T14:46:07Z",
"number_observed": 1,
"object_refs": [
"url--56e971af-23d0-46b8-939c-4f5102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971af-23d0-46b8-939c-4f5102de0b81",
"value": "https://www.virustotal.com/file/7bb2e629f366f938cc2d6778804f413a372ddd3ce9637e17205e0961e4e1ec8d/analysis/1458130511/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b0-e124-4a23-bef8-469102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:08.000Z",
"modified": "2016-03-16T14:46:08.000Z",
"first_observed": "2016-03-16T14:46:08Z",
"last_observed": "2016-03-16T14:46:08Z",
"number_observed": 1,
"object_refs": [
"url--56e971b0-e124-4a23-bef8-469102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b0-e124-4a23-bef8-469102de0b81",
"value": "https://www.virustotal.com/file/f0ce08d7cf47baa342274474ef9db7714e6a79fed9cc4ad9744aeecb524e2821/analysis/1458113745/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b0-9084-4dcd-8b57-409302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:08.000Z",
"modified": "2016-03-16T14:46:08.000Z",
"first_observed": "2016-03-16T14:46:08Z",
"last_observed": "2016-03-16T14:46:08Z",
"number_observed": 1,
"object_refs": [
"url--56e971b0-9084-4dcd-8b57-409302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b0-9084-4dcd-8b57-409302de0b81",
"value": "https://www.virustotal.com/file/799925ac2fd7020f2fde87ee9c43d3c18e33ebe8ff0ebdaeb03bc71f96a6264b/analysis/1458130513/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b0-760c-485e-8f52-496602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:08.000Z",
"modified": "2016-03-16T14:46:08.000Z",
"first_observed": "2016-03-16T14:46:08Z",
"last_observed": "2016-03-16T14:46:08Z",
"number_observed": 1,
"object_refs": [
"url--56e971b0-760c-485e-8f52-496602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b0-760c-485e-8f52-496602de0b81",
"value": "https://www.virustotal.com/file/50f1e7bb019c860712eea54d9a7874274530b3c6882b7064193a640b4dcedd9e/analysis/1458121061/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b1-5594-48e2-9e68-45f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:09.000Z",
"modified": "2016-03-16T14:46:09.000Z",
"first_observed": "2016-03-16T14:46:09Z",
"last_observed": "2016-03-16T14:46:09Z",
"number_observed": 1,
"object_refs": [
"url--56e971b1-5594-48e2-9e68-45f102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b1-5594-48e2-9e68-45f102de0b81",
"value": "https://www.virustotal.com/file/789b749ba806319c37ccf914553b09e0a1f2d1722662a3e3e3ff6cec3f614789/analysis/1458130516/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b1-5b24-434a-a98a-4d8e02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:09.000Z",
"modified": "2016-03-16T14:46:09.000Z",
"first_observed": "2016-03-16T14:46:09Z",
"last_observed": "2016-03-16T14:46:09Z",
"number_observed": 1,
"object_refs": [
"url--56e971b1-5b24-434a-a98a-4d8e02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b1-5b24-434a-a98a-4d8e02de0b81",
"value": "https://www.virustotal.com/file/6f1efb635b8719941c1df5ef5ace79910978449b705e1f78bd71db5821d9fd8d/analysis/1458120987/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b2-16e0-49ab-9fd7-4cb502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:10.000Z",
"modified": "2016-03-16T14:46:10.000Z",
"first_observed": "2016-03-16T14:46:10Z",
"last_observed": "2016-03-16T14:46:10Z",
"number_observed": 1,
"object_refs": [
"url--56e971b2-16e0-49ab-9fd7-4cb502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b2-16e0-49ab-9fd7-4cb502de0b81",
"value": "https://www.virustotal.com/file/ab735a10e8ba52b7247c3faf9a49b01ce81ab9ae9339eb8915ddd71d48aaa9fc/analysis/1458138782/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b2-91c0-467d-b76b-44cd02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:10.000Z",
"modified": "2016-03-16T14:46:10.000Z",
"first_observed": "2016-03-16T14:46:10Z",
"last_observed": "2016-03-16T14:46:10Z",
"number_observed": 1,
"object_refs": [
"url--56e971b2-91c0-467d-b76b-44cd02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b2-91c0-467d-b76b-44cd02de0b81",
"value": "https://www.virustotal.com/file/2edb43b30d9c9352247a692a795c82a949ae4b7870cda625de901943696b0f03/analysis/1458130510/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e971b2-9d24-464a-ad97-4fdf02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:46:10.000Z",
"modified": "2016-03-16T14:46:10.000Z",
"first_observed": "2016-03-16T14:46:10Z",
"last_observed": "2016-03-16T14:46:10Z",
"number_observed": 1,
"object_refs": [
"url--56e971b2-9d24-464a-ad97-4fdf02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e971b2-9d24-464a-ad97-4fdf02de0b81",
"value": "https://www.virustotal.com/file/55b5718aedf3aa9687f4d63c4d86cd7fac51b6e88887a569df1774d5039c7905/analysis/1458083244/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9613b-aa58-46d7-8843-4679950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:35:55.000Z",
"modified": "2016-03-16T13:35:55.000Z",
"description": "Automatically added (via 4ggh45yh45|8156b52971c9907f2d232d105b6fcd1d53ffff91)",
"pattern": "[file:name = '4ggh45yh45' AND file:hashes.MD5 = '296ec37583ed175716fed7be1e2bf519']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:35:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9613e-79fc-445d-a132-5391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:35:58.000Z",
"modified": "2016-03-16T13:35:58.000Z",
"description": "Automatically added (via 8y7hybigv|38545700ce80b517f103b91cc1de905c507d02d5)",
"pattern": "[file:name = '8y7hybigv' AND file:hashes.MD5 = '8d57943a277830544fc7204a0912d937']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:35:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e96140-55c8-4356-8062-4b29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:36:00.000Z",
"modified": "2016-03-16T13:36:00.000Z",
"description": "Automatically added (via 9oi654gh3|7cdeb0d1532fe76ac549e408b591ae2597f4e339)",
"pattern": "[file:name = '9oi654gh3' AND file:hashes.MD5 = 'fdd7c4eae9ff2b72b595f91060dea8e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:36:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e96141-03e4-4e0a-ae9d-4e1e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:36:01.000Z",
"modified": "2016-03-16T13:36:01.000Z",
"description": "Automatically added (via 87hg8n54|bb66e3f61b1a6543b7253d616baf0e951709005f)",
"pattern": "[file:name = '87hg8n54' AND file:hashes.MD5 = '64601da4f940d4f4173a8fbf2742065f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:36:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e96143-51d0-4411-b49e-4cd4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T13:36:03.000Z",
"modified": "2016-03-16T13:36:03.000Z",
"description": "Automatically added (via y78hiuok|4f94153bb25c54835778ea44307ab5cd49a228f6)",
"pattern": "[file:name = 'y78hiuok' AND file:hashes.MD5 = 'a02f352bb0f1e0513a7c9cc8428f353b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T13:36:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ea-3f00-4b1b-98be-4b76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:38.000Z",
"modified": "2016-03-16T14:55:38.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPN2cEht54/hrAkAAGQXAAAgABwAMjVkNzc4NGRhNWFmNDJmYmZiNDQ3NTQwYWI0ZThjZWJVVAkAA+pz6Vbqc+lWdXgLAAEEIQAAAAQhAAAAu3wi5o55s4S/EXdzK+Tzxn4EuseysYJz5UoeAhVSmh1V+Gp0Clc7QVGMOW7nzGUnq3d0B4HbFtSib2QxQMAZwFFDEuxCQcHgr6nddNKVol/cc02wst5yjNdYltN59hfObMGM2m0cP6FZe1LVfGzoPPST3anqAxe1iiLquEK+gQODmlQ5+t2nSARLSSwlGYARSUBizE/KQOEAAe0rEORRyxjQKPxp57gChhX155jukten0o5B4iaTGy7RDLOnVgEog3hSJptE38280yapSc9m45MWXS8mhbAi894YeexQUWymnJARIEiYxQuB6XaIl6PnGoQ7yQHmbKIp86qNUw/k1VI7ClrtJ+l0cwl94b9GocWR1mHkwR2q4ljgRUht4k3vnCSjZXFSt5R3oJbF4cGhRpXxU9xxXxnCHuJo+27KQ4tIy27NxOwNt3x4oqdAwCb1otUAipLrI84uH4tGloWb/CxYC3haGP5ooAqWkZeXBjzCnDqWyJbK23gJlmrLgptzCZCLsBMirXOJBrdOFcB+5oLieXxneVvHVNH+tps66I+3E5by4E5XVt1v6HLC7Vyqij6qmgFwCjMVr19RpDEq7EMR1CHhE9VhgzbeQ83KKsAb/aT22RTiaSSQDyuaW5CRCMoGslyZjCroUNKtPiw8mg/J6BGr1Atc6vBpv6njeIOjfWHVjdRf/vQg6b9rgAMCeegy9xq/N752PGMHUVabqeAKNKp4JBuzIMwhboxjqJB/Vvj98FMSS0izY6n3gRUvtXu4zwdFNEtLHDmhG55ejK8I68aQ6zwSzr/wcqbjVClAGfzaL9h+Izn7vLRD9rnh1xWIZ//PCE8iOXlEesNohHEp9kQz6ENqZgBF24wEW78Uv2AC++yH2vKv9jqJ6H0TkDSF8AtMnKKg6t5rekn82a9OEX5x9V3qfgdCIR8K8apRnjUDVG4nceK0vP3sxiCugwOhGm70+PuBcpX51p+nHAaW8/36HdEmcFgPPOQzhreuC/AWrh8v53W+cpAVcqtmpPUZ/kS0+VOzMwAZYNmYHWdfATMxh1MlfnWPf5UpwSBiGFjVzlrbaW2R1kQ58e82uHc1vr7HbBHSosBmgpOBWMpmhGR81xFJM5G9Kpxu9Q+qIThaaoEegMDAZj+eRPQcc2e31dnAlI9bl59vXz09B+7jsY5KsSuX75AmpMZMiHWW8xxcjERgHN+kS9KWdWxA7vkzT1uDM2LKL2RvBFnKo4y15NS8VhHZGcTZTzazkjNS5US7Frop13aJWBna3Xj/p1kZbWN+VP+5KzaIHYB/jRmLnw2Uoz5Ejsk4+U/7kdVj3ynupeOt/N/BJjzv3nnNe1o+hyQvnYDZj4503B93qUzYu/BsqTJMXIoBXHD4ZCfE7o5aFVgt3kN2ztVK+a8aHFV1/vCHMReEtjcITbFBJpSzWAKM2SWr89/Bc9FTuTcpCu6H5NDOEEm+lqdxv2aov96UJr1E4ExIqswh6qDA08NaH9IaD66R05JdQGyRCASbMW3Xz/SpPNcL5K0JWFmMz37geQWldnr5mzVjup1hyfYM6wx21sYj4xMlcre9yqiCMUpxZADNwyVgEeRsFoRbkbONwzqQgrX2zi5hZoqvCGABEpbVboSmFJ88uWLwAg4SOq2xo/oICI6MDr6BW9p8nQXqkPq9PvOn1xjkjgsftShwlJ4gzYSPLgw5JJO+b0EzPJdqL2JP2PUvaX5npzAlFj050x/nO3QvaFvWP4mPdwGWWuePE7IJAQeQuFie7N1yKnf9rngx/9F5V9NRpD9jgwkkOsqNKsrbZ6PWyNsW/b/EGkNoMbmMFqoiJ2DEP38KscAZcuSeYLeKQekMQuO7JofijnJhZ5d4CjTXu6+utys+ihRaBCtS7jEc9Bd4tQ8VC0HDkEd22FQWKznlZq6qAhFsI+N7L72QSJdaVEF79Nt/0+YpLrlWM3QRL+ffY9H0yoYximFC2mPEeY58Z2VpFY7UCfdN3dGUaeHrewncjNf2lE/WYbWWJArcPDgx9IOWZK6GuLT9YEF+8CazXIylkPQx0umtyQR65B5eP/PIVCMh14QOkr6UYohxlHiETx3A+Kf2kmTSbdYxrMED0I4KKDQcTamMv9v15/ms/Lsi6p7E6C+XuW5HQJ8vEEUlr8udRdS8c4AnUCYx6ZGbrcPdPRu4CNkUsDi4EUgCHboS2WM4kTNMzYwjp/ZoT/le0x2sMJQihds9kQ1kBNTPRvQ6bZmX7Njcw0sXCR6/Xn3mQHHNNIHnU/6xJiBtXZNj9XrWMx38O7bQuHABXvLxaLXUHPx+Vr+d2BUjxztPwlHlH7b33Hwph2PiS5CaTbHxqa5RGeSfBg92UjC1I1hrecBKIdi1OtwZHNpJ2pYdVhNfLt7VMt6lmIHFJmT03Ezfd8z61iUQg/EjxXLeOfax8Sez8hvgm2hhy6969ZCR0rYwwpiUgyBfP1mZBTj0JIshxXRjXvJaCKbaF9YHAlF3HamIqy7C8amRCqchu8orM8jelbkkDzwNy5rY0DzjQFU8smpBXLTT8v+BF35YgdlP8y+QJRdvdZfFpV/cjScBxZDAWToba/YFYEGIeNGcn5W4fPsU0qkE86qvdjq0v1w5WGiQQLllWlXXuBxsjUY8+rNgrDuombAKnEHK4Fzr62uC0EBrxQQIMmgUwCoHt+ekOwwRpg9dHnz8Gq5TiQZmalOkci4S69vQL4HfOSIfBNy+Q8K4g8t+++hy/w/Q8QnLVoPWP3lTyeuNvq6L7woxwRHJjdiBsnqkev8LWNfD9J/FOcXIGOcojfWijE1WBa25+ApGCMKoo9sg2lcoF6CDV0EJdkefAB1kXOUGBIRztSQwlIZgPRw/mG4RTr6UC5CTags85WKVefn0YeP0NpgLUX/4rCJMi8iOF+2KWuEFTHhZQ547kPkByjaurUf8dCNaBvi1VUPiqRrklQa4i7pIYsDqOPslGRrBMijmhk7Nmj7mkaQYeZfETZI7E92ArsKcVwJ1WNAGsifPbV40SGdir6GeZU4/R3UB8+JZLFswV3fdNwTGqIBg9Nx6trlKhEAFUA6gIAvDF+Ojuh4lcAe9sdJXty3LQx1vQUQOz14QpvFzXbY3XI5cZXqsv1Xoiyai0lGinskSSeRdtyqUKVHI6wINeq64RBxJ1KZ2MlfF0m2cSeRBiQHwg3fDTAog/5AATqCoO74Ti13jVy2TTKJbg2/v9CyPJwYB88cbg2QfyvzZCEYDJ5e6n9mmfWaARMVg8wHPSqO+96jvK+zcJfqUSHtFc1vpO2GDOc8ZZ2sau1BLBwht54/hrAkAAGQXAABQSwMECgAJAAAA83ZwSAsbQz4dAAAAEQAAAC0AHAAyNWQ3Nzg0ZGE1YWY0MmZiZmI0NDc1NDBhYjRlOGNlYi5maWxlbmFtZS50eHRVVAkAA+pz6Vbqc+lWdXgLAAEEIQAAAAQhAAAAkdKKgIjdCbjKjtiS6WKaU1jL7cNMHGOnY+3s/gVQSwcICxtDPh0AAAARAAAAUEsBAh4DFAAJAAgA83ZwSG3nj+GsCQAAZBcAACAAGAAAAAAAAQAAAKSBAAAAADI1ZDc3ODRkYTVhZjQyZmJmYjQ0NzU0MGFiNGU4Y2ViVVQFAAPqc+lWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAA83ZwSAsbQz4dAAAAEQAAAC0AGAAAAAAAAQAAAKSBFgoAADI1ZDc3ODRkYTVhZjQyZmJmYjQ0NzU0MGFiNGU4Y2ViLmZpbGVuYW1lLnR4dFVUBQAD6nPpVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAACqCgAAAAA=' AND file:name = 'billing_4537d2.js' AND file:hashes.MD5 = '25d7784da5af42fbf
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ea-bf04-43b7-9ce3-4f40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:38.000Z",
"modified": "2016-03-16T14:55:38.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_4537d2.js' AND file:hashes.SHA1 = '677e432b468016a061ffaee79262775669995dfb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973eb-db50-4c60-b7a2-4408950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:39.000Z",
"modified": "2016-03-16T14:55:39.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_4537d2.js' AND file:hashes.SHA256 = '59a37ce06877638c6c4089c42a0ffbbb4bfb0443f8bba0d7f696fa1c0299d90c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ec-a17c-48b5-b2ba-42d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:40.000Z",
"modified": "2016-03-16T14:55:40.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPR2cEhnMd9zsgkAAKMXAAAgABwAOTNjZDYxMjU1NzhjZjI4ZWVkMzk2NjEzZjQxODhlZTNVVAkAA+xz6Vbsc+lWdXgLAAEEIQAAAAQhAAAApz2Df/6bjV6CwXwdb+cW9VFjxUUk9GYy/cW4QdSjvGpTVUx2pL/MhkKXOXMhGklmfvgW6rto+0KR1cyACuPIXschvPXLd3Fw8twSDU5uylwQFaQby0cvL5MB33DSMAnPjphOqBh63WDTLoKhPo04GdA9RuWYwT2gT3aDXoB5pHDX2MzyQQIgem5lKTh5Gs4b2iGGsAe/IO8VvGeZ7tlBfGEbH2e3FYBxRK13sgE6oGGNpmg5ZeJdo6B8fWmRJFvsxRE6MWoyxDcUfcdMCYtptu1i4q/M6R0chacsH9nXdlP8mNXOmZYQpT0FWO4NXVtA84TtwHEKy545hTsAoMarhaoH7/Yjw7+5zcECBOnQEoUHeFFzwo5EiwflOr/jDThbUUPaJRe4fx+qYuvrMPwFPxs0feOUiDZD4VF3Yjoo58rezWs0iDwIKb/nTDKW1EMjcnmVXOUtPE8e/zacy9M6zqvEv+7W1jxDKp5PxeALb4Y32JeaKJLTgzzinxTXDu0fNId8qFdDa38fgV+YQYek3K91uAGPB2SpeWjvtFArzMkf7RNOkraY5hzqxn0R0LqMoZztdPFNCQ/hBg0yTIW06xupzZfjFsF3lH2h85EjeRWpMr5qmTYhsT5mj5QxCO1CsIblyzAEjdsMOLjSF/DmpanhiJ14vcxFrqD/g54F+hjYGW1xHhcvbcasEfgRgLfowR+Owwus6COO9ax9/bmgUqxIcqD8+Uk6L2K+tYnHhuxNxj/ay3yDTCWRWB3lItfBwdK2QvxEYpd18SYq2Ep+s4IQ6/xvApC18+uJKZEyrogcObwxemmvAWNG3T8RW2zEmEGVk4SKjBZuDmXD9cnwgdtdxwvmzl6rGnIhWShXrACOUa+y4kwNl9Agd6pNhTErM3otl18s9BskVi3NWKfdcE/rnyDqKnAYhT/9ozCdbyHtk1lx+N44k7YWh8tDHy9QUslaBBaebmwtec/WyjNDULuC+hbCoeQI6lyRXCH+TOKFb2GY8bEWZo3EM0GkOj/9VX6maUjld1I0vH6otnafpcXmxARiKd/dp6toPvxtsWKBc2b2MMSuv+PyWHESA81O0pDkxKUysaozvYwJ0V9xz6cXMNCFaiacdigQm54kp6atZR1MWQshygxta20+ic5pq66960TLlYypX77ma4w53a4FaEDGrPLR55ss0IJbaXj+2XeE+COH5a2rIdyUp+pJkKLGymMx4w7X+jPfhpjoTrjyPXQkxSjD3LNXo0I2AQGOBmWfBEJX0WQjO1LeBWJhGDW/FsdbRRAQtxeLXYPF+NpkTchuKGw0tR8OcwrGZiEVijc6XdyRMvg+/7WBOvTvlBGswMx25HTET3nnBYyYvr18lANsjbSmd3kY9z7ViTU8Sf4m+h3ryJg1FGcshKCoRXx55Rp9NcvPPnutcb4IXBq13HRI6cIjkf4XshQyiw3j6vK5sR9Zm5yOJt87YEylFglsMGRp79gk9dKCNIcgsdWegwOGYF8SpnahH0VmVNFFv9YWQ1+juBNuXbH8xNqd0Is5io0m+Jo/wvkWIaRP0HGmndMpXac05ABBhzGSAkW5rBbqwbectDeUUkVNYq7oe5p3T5dEJ/fbZyM3sDFiEGvIvAgfK9V+nbl53Cukr9SEPpKeesWlrEPoPz0RLrl9FO0UlIMdTABpn4/Cf7TKyVAfgnnT8Rg+fqOAgvcyNz69t26RNw/SOn+ThxfSUCg2MZOaSxWPwwUe76KXiioL+6MDBN4LhUtbxwdiA2yqAaYZvN+xPcDa/FgI+ttiF0JGtMxg5tOiED24zpi8zFGo5ZtHNRQ0yB+CIaYgKtQwPSUjoK7hWrFX4R9fKzoMkIyp5MK+5ZOUl2INBH0GNM8E9nBrUjXBQa15eQXtB/c2szZZo1B3ZW0xDojfEEzt45rizZenLSZxm+RUNTEUYhfo19U8iTEYDzUz6dCyRpM/Gnu9x5n48OCGbqEY/lshfMsfG6OFskuElfnWNLzOqIfFO33CA2YfiQQzSPdKaArS+wF9H+XsFLB7PVckRiR+/WVoLOG0zAB4F7Nxfc5XoXOCiOFcYkCOCwAXReIHjmrKNG3ku4LZ8LkKkZEiYQo6cC1ZO+/3GlaV5bDRzLyAOlQzu8hdlSKI0JTEatSP3tn3np+xJITBWsdozoavGOXA1PlSn4wQf5oj0mxfspw3THsCeDEyfWEyjwvEoNNI86VaKHbZFC+5bjncaY0BweUf9Ak1Q0RGAloSfPbpJ46T6OYT9o1ESYPH4ZV8uyh6IQPTGR+USC4Zpe5/eQ/S4EtbAvmGpoclyacnWKWfXwFUy2Q6v5FX7XiwrNKpSEJ1SpnoNbw9A90CLnbnG/OapPMYsHZuu033xphYha3mIJ4e7jZUuidXTXvFNFc7dxENxTKIrYDRwGbT2KOJnbrf1F/X9oeiY6y3Hf5nSB4WY+8ExtU9MNC6H7O5FCC+vzt6lkwN8E3bnA1RMUex5faG7b0WgN5/p7mv7K/ihmy2Ekrwc3M98mwl4hacBAbeNJ34poZg01iLbAHwiFQy4UDmMRZTm6XCiNfbd3iMMJjREiiKtOzOm9dgqlZqMvy+pXRF4dUzafMFGZUmRpiLEYvCMs117r9+tVcDSMHURMUAonyo4ON6fQ396yE27Y0xlPJQ8yebPSAxsVaTY3TwIitAloqmLj4UL5450YrlgMXiORUOcOXwYWBs8IKGIUdEdU2vPVGfycrkupl4s8T396WMsJRlImbOYyIgC4O8jumumFeOMwjL1YTnE3PqpYElMg9GYRpu3KNiq1AU2crl8YlL978ORAAzDPGJ9PFUPlfG8Sa0NsqlctdEWUhrRD5f6KMgao6nNjjhTeE0mVoVVLXW4znPaPacAw+D2dzfz7at8jBgmR4M6ckBrXK1r1O2/AiQQGUEzxIx071qK88RzC/lfZP4p9QUBE8DVK+GyDIAG9703X0M6opS8iuUCpKSnWh4nvikdnMEq24AHHoluFZ1aTz0PxB+QsWiTa7mC2OhuzdbmO0L/eW1Nf0r6CvVoZ8H0/eSO2qlEn/7Hb7+RjgRU4hDbkMj7fSNzoO2QK/R/8l/h/nyHD2weeKxD3jjkTk0t1v9NhYtIJ/QPxj0o9iFxKo9mOZBQohoX0Oz52JREWFGVQUGG7XLQeSA+5fychB8ZOoGZtnkP/XL+uJAH2xB3TKDSoyikxDpBJ8Ke5W5WXuDZM8vBdzrb3v33/nqZ+ku8Ps4Md4wZIXeRY045CWcr5nDPbM7bILKH+NuyvkIx3bFYpgICwWBCmf9F0VeahLYlTMajfI6alBLBwhnMd9zsgkAAKMXAABQSwMECgAJAAAA9HZwSOPhzwAcAAAAEAAAAC0AHAA5M2NkNjEyNTU3OGNmMjhlZWQzOTY2MTNmNDE4OGVlMy5maWxlbmFtZS50eHRVVAkAA+xz6Vbsc+lWdXgLAAEEIQAAAAQhAAAAxSyMsJ/L5gM9dWNSHppFekiv3Fc5CJOyyKVau1BLBwjj4c8AHAAAABAAAABQSwECHgMUAAkACAD0dnBIZzHfc7IJAACjFwAAIAAYAAAAAAABAAAApIEAAAAAOTNjZDYxMjU1NzhjZjI4ZWVkMzk2NjEzZjQxODhlZTNVVAUAA+xz6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAD0dnBI4+HPABwAAAAQAAAALQAYAAAAAAABAAAApIEcCgAAOTNjZDYxMjU1NzhjZjI4ZWVkMzk2NjEzZjQxODhlZTMuZmlsZW5hbWUudHh0VVQFAAPsc+lWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAK8KAAAAAA==' AND file:name = 'billing_5051d.js' AND file:hashes.MD5 = '93cd612557
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ed-5688-4903-8669-4438950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:41.000Z",
"modified": "2016-03-16T14:55:41.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_5051d.js' AND file:hashes.SHA1 = '23ed62bfe3f5b5932f79b79f73a58feffe83fa70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ed-f030-4255-a33b-4fcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:41.000Z",
"modified": "2016-03-16T14:55:41.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_5051d.js' AND file:hashes.SHA256 = '61ee6a162376cda733a0db890970d4327a6a55b4fe3808573457ceba053c6827']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ee-d038-42c1-83d4-45da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:42.000Z",
"modified": "2016-03-16T14:55:42.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPV2cEiAK3kfXgoAAOcYAAAgABwANDRhZjhjODQwYWMzZjNlOTAxMDM2NmI0YzdmY2RmM2RVVAkAA+5z6Vbuc+lWdXgLAAEEIQAAAAQhAAAA1SPCvbijXpdmkQJQ+1VcJeC/q1tfWcLOWEgeaAWx4962mUtACWhaJFi86JmxAk0SbBL1/fsvATNe3bQE+l7134POyiSS66FFaVtX6ZNwidSwptUMP+fd8o71969XoM1nLDtBdUXbfAU9qbEi3At5z+laZrJdDR2Wb2K862spvw0gTmGIrGqfzarvrfGkJ4pSuEfdVwQUo4/LMA+ZG3dbc8VlVycXhcbr4xT7lQ9BH4St7Gowl3BeY60DPyM0CSuW1S5Qi/3HTvUB56+RtakxhtAmGQtI8kGr7U/+R2kM7Wf6KI3VyDRDhFNCtcFfZw2XD4pgYHqMvYY+IVwQp81mqyJsCC7gg4e04u4O9cQ9UhjZxTLDfBy69xK107gUoaKnPWMgxHjTDieqk3PPJgKQU4G62EEBpXwfQA+Z/ezBgraAbc1MCWva9TSVJF6dmGD1nh7PsDqj6BBYMx5RsNONeyJ1eBjvvDtngwIoC9XW79OGJv0KkAT5fsG80WEUo65X6dDUSkhLZgz+bLFOzUKzRIaz09wjElqKt+77ZdQPjkOjqIFkP56QT6RYmmnceUqaLOs4jSKbMhNBy8Tg4nA480Ger9gDEUlhXCGnxvSm/q0FvKXECA04jhaYjhoQQ9IHtyH6TZV5+feZ7SeqV5MBiN5RzK2myo1A+kbAQ+hXW2LqkHpVt7rWrwEZCG22mqgKDw2Snxt3VeKDBrokv9Sf8tA1hd0qjpo9WLodC3rg4vjHIMx/eimJMYlvfPN+M4vTIApSZTDST9MoZ5AcnGAgkt0p+qH/b2O6tr2rEmpbbd1h4MT1nj1uDaUCkbpzh3OERRB4EKN1gV3pEICNqe+4CnjjQNX9uoehcj+/xaRG4AJxdN5PfyWoRk+4UGybv1VNQbqT1fDMLqRKnwWJXLljg1L1wZAPSHitbHA30uTVODx/5wrn30Mdl7Pr6i9I6FNi3zY331A3xWnDFxazEY718F9JUHaUqkCTHJ07ThmB8EmeTNjgYpvnWnXFNL8Zz812Xv4qdEqK2HKJCbBx7HgWKDqz3zxlMxbaUHcNa6Q0s0ml/wmCmqC04ipeiijmDyIk4bLnLpioo0XjLZs3lBGfWVYxxMrJZwLxyRoYjHwx3/3uslt+/NQads1hDqM1t4c6hBuhndHxZS4HNmrfFwqDATyNb2LkX5LH+79tPGiiOP8Scp0erNt0/D/Sk0B5VqQI5HwXMx1bv7TJWkYzQ5IgQfkGf5XHKsVgT83J1F75TOQEHmde4a2YOM+IuVru2WjVpWfSqzT5xF8dZGjY6gOnPf+E9Txz8p1mg6uIC4vgeT2FAB5aLszHPt5tldCaIxLno8D2TeurGJpJA950Tr4EhVaeHUGJS4KkN2iTp2fslPsJXVDd6fsRVVfeBlG6E9QNUiNY4TImSgQjTeBYR5fFaaQVbO/9zHpVLEak2504OswNAVi0fVRr79ulcmBE25A4jRla17QJ+MxaCUdB+5DoBHJobu6EZf7IX5S0uaK7NQY1DZP4I/RXcgMds5lT/nsUyMSlz+RUJSjaU9/ezsXU6v3DvnbJ2lmVYd5+mJaH2P7qB9yBB1knki5+yJDKqWucn3afsYXg4b6Ej53sO0bwCrTeJ58i0I0+0aWOHKAHMIZkQ/u6TcXzLSgQkxVphQCHtkxx8rRTLY6AO6xNleHnI6/KPykHGmLUVBNuZ/XKmusa9/ZwQ8m5MAJW7ZEvQbza4ZLS9XlknXz3X/i5X9yEaScPx/Lg0KRbk8UqiojTB8ww3u+GX9UEN6s+xSZ99OXpzFbUlaJrUpfIfB43j5pe/c5DMo0nK3chrA9kT+JPfanSvqQQkhU6EW41gG1PGCi95b61eC15PsYvyclVKSzfVfEXYMMcHCM7oCqLIlCSJ5oPFcji9/bjQZe1BRIMfHz6qFyg5JkdRgYbxbM9nNm5pcb3Yy90ubFlS2xEv/s8MzNRYlEqu4+9/6PlNNJtcPYy4P7bhx8Cuj0YLYflXFeFmbohKLrIo7ZTki6nAyAmZ+Uopetaj0c2pmeoNZBPdagYgNeYI5Zn2zUIYKZvDJKBc0GqpK2FM5G7pz2J4DlBzBiv7JVSQXmalsPRCDNdmUt/CXcnAhYfxblsvnZ53se2xkzQFlO0+qkH31s7sS3OtvF/RLTi8vjWSZCfHubNFjBWtpEMKfA2wA1Hxk2ovrgVCMUdde/5S5aogbkM2KrU+hPl3q9u8+HAu1sBttOioSzXi+mI8dsx3tXHsZYMHiEIntfUILExGyXKzNaezJKJWWyC3hcRwMGQJCKditfmqUPqCHxN3K9sXqwB40WttDUpaWyG9oeWW4MQshEkFTn4vE1sfQzFb7WUAZg7GmExmA55Ot1ShtrD5Ow7fquQDY+R1cryMEekWNaX6sitofL2fZoksdNn133o9l/Ggv0094d7XobGE49Ca0Iz2hyCGOzez9coCeJPspr3Yr1fQOJa9Q4TOkhzhG0FR4uV3u21LnHx7+SC8XKWNqH7b8i3rdZ+rtHg2uatnz8yvW88KfiORygZXVOzBr3OIPivrTkkTHlRtNFjO+NC4/Y5MtUGwePekwinbHv+SA3M4qWZUalK04FbSFfe1/YG7cdu2xp9bmcsdEnf63WZOU686CHctfOn7NCJv3HjEihlnYmpJlZnzrGm32Jms6jGWzj014Qi8UjDaEetqNFmbsxeXM1L90VhQvG82y3/fwRVOSSElT8QQ04FCEIvQF7tbG3u+pEHXhxhhouVex8yP6cyhjkziGLsvrFS/UOtzVUAYNuMjd9xU6TNUddToj7ygFBAyZdPpltbExfoz3ONjljyyDH+EXiL4GxU68uMmHwofkyV2DgSdVp933Z1w2VHWb9vrrOPsIoEzeMJK5XdLovEk3pivfUK5WD0XrT5jkNWPpc/fzrEbIEdF0Wl+i5feRs/zYIzMtZigS3eI6Z7+KkG7KOLxcoA3NtVrjHEn+C+ouLFOGq6DMgCTLI1nwfW8U1olJWnpaXs04NwmxZKAWV2xW37xOqUYQW2cOeucXb2gC0RnSNxtrRfqFk7jKUi+bvn3Xdo79xuYicD3QXlj6BmBqlCNKQAdt24mGCyLRyWgFy5zVYdVv5HWeQZsnDye9+ovmjGGgOBapWWsv9lkQydvFqScuWMiuuFg4nrIv2jEkfntigBLDywK1XH+KZkYcIV3WjD5Y05BmKiCn2gP8olPKGpInWeBcv2UGrjmkvo3EOkmkOzpEAph5YQr/iV979r1iKYU6CF5WPmilbnvZLbT1rfzI8/JqpXexG8AUg1JPWFq/Yy/YJZDddA7W6vEQSS9XKoJ3XqDQBYl9jDchTVfwIxkeYzsaHQmhdEfirhyoGxmKz07JWTSZRAOmq+JjqXLfJXORLHwwd/6PiyBP+I6UkjLW4SkRBp3VUxZknn9LYmJdWBvL1z74hH5nX+5v2ucQeB/iXy+7RMx0yXRnhpWcPSw7zPss0GuVhWyag7n3HbaaoWUcDPzbqk9FD+qsNQfNMU5QkVoyYdjgqDXyIkgePiYTZQSwcIgCt5H14KAADnGAAAUEsDBAoACQAAAPV2cEgqNpzAHQAAABEAAAAtABwANDRhZjhjODQwYWMzZjNlOTAxMDM2NmI0YzdmY2RmM2QuZmlsZW5hbWUudHh0VVQJAAPuc+lW7nPpVnV4CwABBCEAAAAEIQAAANUwL3txPuoSC7WnK7PV6i4NP35XUywoOkU/EPC1UEsHCCo2nMAdAAAAEQAAAFBLAQIeAxQACQAIAPV2cEiAK3kfXgoAAOcYAAAgABgAAAAAAAEAAACkgQAAAAA0NGFmOGM4NDBhYzNmM2U5MDEwMzY2YjRjN2ZjZGYzZFVUBQAD7nPpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAPV2cEgqNp
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ef-b84c-40e7-a3fd-4c3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:43.000Z",
"modified": "2016-03-16T14:55:43.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_6548ea.js' AND file:hashes.SHA1 = 'e60ba463ef2415fe7ae5ceb566125e72980eaf66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ef-2bfc-4731-84c3-41ba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:43.000Z",
"modified": "2016-03-16T14:55:43.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_6548ea.js' AND file:hashes.SHA256 = '63f2349ba9f03ee5517e6478dc4585fba52310474fbd43952a9fb90deb0061df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f0-4308-496e-a8bc-40f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:44.000Z",
"modified": "2016-03-16T14:55:44.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPZ2cEiuDp8MOAoAAMIYAAAgABwAMTlmZGZhODQ0MmMwZDBkZTJlMDJjYTllMWQ2MzkyYjJVVAkAA/Bz6Vbwc+lWdXgLAAEEIQAAAAQhAAAAXBYCvkHtlIdVgOlLeKByERAcGr4qKsyzjr0mfgsX54tLCwBdkEaafqAkhW3HzFFGHAxtM5ghWq5UyLgKXrr5B68qwNgk6c+t6O/FPVGMVzMgRgC1BvjpJ4Uasw1/Q2nKyVpAW4gYID9ikjcKA0LniSM0fy16gCf60Ro+AwDsGdhewbCepT0A9Ei4seVebvFVdAA2k3aiOOvBOk/IWgwJl9YY5yAaxOF/65/7xJ7nlB6r9goFzeSPyirSpCl/jwUGvhzk4W+np9IEjaIdfojYoDE4OvUWdoG9y1WDO9yUuk+reSDcJt5mxqTMBF7pmQIddhHSmMgfu9dInr8nsH7ZskB37nv4FSl6WRzmcrKqo7OmH6aHWuPoNLXFUuqyjENq/xPf6q4ofNYsw2ATgHAH7ExDy/wcF3vvsHH5RX7JOq0V6/Vv4BjM0XlxeAxc2rBX2WwVTWZtBl0/04KVWdmaG0+UXKhh0rIS06BbR9CBNbVBXtPIUAKcoVQ4aFli72gj4hCiLGOtvxVbGfz9u5OyC2zZXq6R/tsDEEDf+GUxplel35pw4O62gws7rfz/U4xX5VMut3Mg8iDU7OV0XMOdveHCdPwmKXPsuGAPilwrSftffv/AhHAbFG6JiGOlWLkEsqMhxvIaikgakW0aPGRlD+kJiHOsQeTwyR5jahOjhwUE9wEl1151z2pBy7ptILDKhYkp3Vhb3g4c2YQHWqtrXwIh6w8j5/7DHSSn1TPIH6qMOFu94fZzJjw/ZgKrejhdNi09reM6iZ4GjQkxNbaxTGQYJX/Ud6xm1WO0oYfEYWIhWjhQK4Ab54ZXX/qHaY6CkjPXOCUHYrhljGwLDV2ctTHHNGDaE4EVstFuEOwX9JTdQFV0PFtsKFhy46iLG4Bysjd0sg9iP9LGWqD0xNkMP9tm01smVUa1BFd3TrZJdUr87VpbTXr0DYEh2xpwc7G/zSH0c811dCdTFrYsZSIOrL8cZ2uW7igwXWj6WVx24bVuRKt5nmhRqChVPj+ApykdisA4YavloL5VTZzpFbOsGnSfAFA5pOfqsxeiQJ7wFfhx/VFXgeKMFpXtvyUYLHwNGVOAsHs9/hV3MWLSijYxk4PF1fd37czkLlMBbxFFx4WP7d2l63U5+SPHp8766CsOkCc1Fy9D0yhSJbDGa+y/prtYzG0UV/cgQ7TpNV/J7ROGV/14EvZpfLlnjtmLwLxzwofVuntR1GVvwrrhE3x/82OPgzDU4cwjozaFVhrRJKlX+hTHFopQpxN3BP5h0ZmuHfiwJU4QuS0ONQEu+YcVWU87OMWva3Nznc6Q7CJ0h6/xlOegiFUmD5cI7MLzdQVI2PTLl8yBi/Q+P/JylgtEiEjmBqcElgFOr5EFwbCt0QA/h4jDU6X1os8zx92se+Y2j0tR5G/DvVLd3JHo7RLf9Oersl1uo4HgXqtGPqEUlQZ3inW0T6kx5Mpbg0SuKJEgKHZXa2MM44xTu9X44lq4IBgmCmPfbXt7BwsAFXEklPSykw+W6JXbRmCF5lJEJ7TP3H21HADiD07RVxgMHYwtobw3RhvJzMAq9vXA2oNwdvU18ezkXDU90KCVjn7CObt2T2KYgUclH/P9LEvE5Vdr9Du5Z+uNMdOS8fcEX0Vo+ilWa50O31CQKAh/L8Olw44HTj+/Tvn95Z8CbO1na/3SANmVvkF2LTSuOtxkY2+s9U+96Opkw31G3p0gzTnJQADWEJOotLuwEN6UgLHUNTXCztIxoXBeyuAO9MKC8y7Bj6U2TddXyvBDOplk86GnNcw6lgA4J9LfvizU2e5b5GYWd/LcOjPjKkwfgEj/g5GETCWUSSXBiBuyrz1vthQvK8Gz/3K3aEFpgpDxWljiYIpaJwiOMVpLMAdTLT+Ytiz0vsa4YLOnGyoWnUbboXgVKzlSaPx1BvuK/etObN2Jek4RSZtrKKbkMXV2OlA+LgAMcLmeLrJ+2/meTrLZRz9aqFSSX8odaZ8A775/sxSjPcEKce2aAIuti23bhXiKXfeXC+6p/7PXehfv5uFL9gwytY9QVKRwhblRMxLhVgxLMttqWF3aplmpvhHreC7Ku/C+O85e5yOy3A1TIpJTIdxJiB7sLQph4K6r+iN+fMe+TyjYTCcxDG3atpTMxECgs7ekQtykxNyHUjg25ymhk2tbmrcOmbADDySJ04mWxGXUtoaIBZw+o0kun8q94iEXq83eDazRhQ3krApSvsy2DZxJVxf+f5ooiu6mldSsRZIVbfiw0s5ow8SH58CovkfLzCrDUpLYQDEq3K6ZsI3SxrnSuHOBkaH0ZWjThzasAOPIAwUUvJVVGx0o2ptaWP41CZUtW7uZp1UFFc24n9C9EBH5zCdVLawnid9BJueobXkE2An4hvZaCiZiX2375RFyPLCXea6D7AFb04gvGH8EvLIYiYx2UB1+KadLMws/9IoYs8zxvWu8BU0fX3qwjKOejTCRLb1SbQMCuZX89SJs7E/ulnePBkF+kpakrWkBrtlLuDUpxKPP1Nc+ech1XWHDcFhuds5YF/UJLJsHiyXxz3tARSaOkso3Qp80OYhUayUa6VBhppRakNpA10Nc0qTjMDoq4oruqomgZcO85D/+g6DYcmIzR9e+qDwOrLz4gFJ381mnNTeuCzMoxtE2R95JtudgCMKAWc19WTTx21mkP/JHGREQIUxnPjCWfIPGWn7NAZlkYk+e/VPsNjbTl6QYkNxrIOF7ZTjAIoQFE/5qspdzOUSVfCCyh9ubi3E1cIewlDu9ILFq34I9Jd8AK3hrJdYeuvd2S5iFxyMcAg2Cj/ezhHNFcMbCVdKZB7jW7AohMWoq6/ulV2Vx86TP1/rWfYqscyQmQm6e3knnflphLrf79fWwhYAnvA5dCe2+Rn57E/PwMhQWtTiroh+feJbzRLlIXEIr0GAuXBVR93uV6Qw+7MKtb6SQO3tEtfC+peKaadKxdQYdb/UWExoy3DT1HHvlHIGUuK1xw9GtEqyKj92P9pemaok1mPyX6jbaCwImLDouBjDMBGiLKV7/6CfCkosIv6GJ7MkMm+WX2xLX3N1xTuMXDtWr+reobep9Nq9EHjIUIPZBmiK/7bVxCSPfH3z/KJUZ5nuwVuivB2geQZihvrFdL91lSTzYLEKL2G9FPNa5ML75fDysrbhnnVHFc8riOHde0kH7tZ344bApj+C+0mzsLySy95XZs8fTbt8ah5gOPnSaVviXGdL7bYSgTisW2qyyWaGZXjU0feZZe3Z9Jm9S57lIuP1WC/8dv+ycBGtnQvySs6FcLtdXPdwfTvsprTYE+iXbLk7AQVsmDv0ePeMbT630qDnLPMGdH3Auk1Xc/xIec+4ns8cjrcouq0OMqZDlu98cTy+zdhNqTPeZ81M+tYUZxjGkKDb72p8U/4ySddKTuPV4qBm7ggskFF4jZBa1tSB/QRjAEOgFGhdiOQ4cKC4qNgJyC3vsCRYFZi67W4zcx88/3G7fUEsHCK4Onww4CgAAwhgAAFBLAwQKAAkAAAD2dnBI2pBBSBwAAAAQAAAALQAcADE5ZmRmYTg0NDJjMGQwZGUyZTAyY2E5ZTFkNjM5MmIyLmZpbGVuYW1lLnR4dFVUCQAD8HPpVvBz6VZ1eAsAAQQhAAAABCEAAAC3y9U2GSDcOEU4RBhN4PYrdDWNbIBInY/9Q2+WUEsHCNqQQUgcAAAAEAAAAFBLAQIeAxQACQAIAPZ2cEiuDp8MOAoAAMIYAAAgABgAAAAAAAEAAACkgQAAAAAxOWZkZmE4NDQyYzBkMGRlMmUwMmNhOWUxZDYzOTJiMlVUBQAD8HPpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAPZ2cEjakEFIHAAAABAAAAAtABgAAAAAAAEAAACkgaIKAAAxOWZkZmE4NDQyYz
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f1-d294-40f1-82db-40fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:45.000Z",
"modified": "2016-03-16T14:55:45.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_95849.js' AND file:hashes.SHA1 = '37faef153805638a2ced733943e43c742761561a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f1-97b4-4e99-980c-48f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:45.000Z",
"modified": "2016-03-16T14:55:45.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_95849.js' AND file:hashes.SHA256 = 'e304e6dd904bc381c975c61430eae455cb2935fd64e94e2dffc0791f5423a101']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f2-85b0-4ad0-a701-48b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:46.000Z",
"modified": "2016-03-16T14:55:46.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPd2cEh085edNQoAAJgYAAAgABwAN2VmNzk3NTkwM2M5MTM0NWVmYTEwZDUxMWNiMDZhZmRVVAkAA/Jz6Vbyc+lWdXgLAAEEIQAAAAQhAAAAjxMW5HoFsj6ArWW6wPZixJlcBGctTyWrA/oJgA5aPbNvtjwZA5zBe9Vzv3uhTKHq+MVeDSQ8APbyV5PN/HJr/lo6szsUJUAZ3enZMcCeYk8eWJ4txMSR7P5gaOt48wKbkRtNuMCPnx/GdXBml+02+Y/FeISKeNoTF54vqXUd9kIDncqpUNX/MCWLRPl2cE3Nb6+pUgxfx/MOtaSFxii3ZG4Mr+vGUJBNpEGKSTHwYTJxXEbGKsPbn0JSTJktKOf2loTGAdkDEhtZ3ZUxbhBlWvcroFA+IIVmkgjgRsJvCoudnf7ERO3mICAZILGNS9RBZHXBzeM6IP6hC0jMTHbpKxaTaPvsLFqXfpWsCOaSM6gF5DBcm3NjCsOUSL3IloewVCb1ps0hastxUiqBqcA28B9dI7WriBAZZYwv6ebfL/q3zj/sKj6TF/SV0Zgfc3fIDbgBP9Gt2iQy9T/h7VAwF94SXf6MBFD80ec/VpxxkDnXnjv/wlNJWaEVEcBGoTn44rY7IO/4ZrxM2ht/jxkeswdqtv0wfVQVGzrwpUvF2+Hxa5p4NXvLR+Ny6WYfkGOmMv0QLKSi5HZ7Ht+tS690KZYBkXBaNrZjJP5bQ1o0h6O8qKQ9v9Nzdt6k5a+SD1hHzV8bWo305PAkO0pLqdk0MqDu7xV6KxkDhIsIosv5Pmy8uqiQ5jq/kaq2MQO4t5s57Od0WlfmYSCla2cIWdZ0ww2EwiRVlIUB2vFfAjRDTtOsS1vnupUGyTmxS3r0MlgXIoDo75GEReiaH93hibmGjqiCvrMmE0YsPgiIyX/9dzeNsL9O9SAddXsQanOQZaAwoZqDqpFgRrSv+thQEMBVzjms35iuiPVFQGUeBALH/I+K0bISLYdXs1bN+Qk5Zk8jkb9D8DLuCl+uPYbBvUxTOD8TB4yJo/q9NBkYdP+YFHWDzKH/UdEj6JZE3KUMEU4wWo/AcDWjr3bKVDt06YzW6FbafcT63QlPD5VN39iVXsEsbTgITIv2VlPxq2SoOlNEYvq648Cnr1RiFO+az5obAnWEhB69Bc56o0FhtHwzM2ek50M79wvjAj0v8FIVQ8r057Rqc098/OW8mHbcCFxGip1O2PdZqFbMUjehjicmzea6qA0MntMcMXQpqUlznumnaScv4THUEV3SphGOn0zZ9N43ymmu8OREiHmBpT1Z1AVC/eqLpEUcZoxryK1VWAiXJU/wGnItrrqGvWrRMksogO1GZFqHszjWqSpxEfbmkIuLBwqY+LieiPEcP3R1nCLLdpmbbYzL1OZc/fFM8OFPno2yH9TgXiWQdAq0MfoTlmsJmTjse1VtDyKlTSm/W0A/C17wGc8hPAzEouj8tL2F5dCrxvStLZSJHrgedHy+i0u/VEYMogZlIruX6qZ7uUmL5LT79SVpiDul4VfTa29yhyKQabAigZQt0AmOmFAr/YUsdjsuGXqMbNSKesoFPxlEWEcogLhyU9FlbBOAyeygA0pU/v+JualHc91VSkhz67+QQW1qHY4n1MMKFlAgDfLmggEYBJSJKyuBCcCo6WoP2mOATXI2/Lq0TD35RCI20q4W8pavcQxt9THwqbStgn1vsw8n1ZqCB8CWC0KouLi/rnpzB/BpLzk62KnUGXMDAcCV4VbvieqP0VYUCsHZl3Dc5SvDq2YmKn/oOMFEW+1hbc3qdEtPD0UroKhrTPIfoh9BOPXndK0zR9+aoPMo/MbjYk1HKVhvuymSI8EK84EYqMSsF+7BR0RROSTyYWgU1HwZGXbxq8Ck+k2lRQjC1tndN2Bagv76fmSSUKQur/Of7xaBkdNy0HFtaY6ky0Lh5KBohvIS3hvhizizqvWBMfKvnCnVXwrjJ8oN0Nats0hN5baub1kEpdYFxulu6r6GBG8SQztqMJJQLLoAtYpFkys7OjhW9oL/cKwP7UuyG6ewDdjhZsPNFlzsk1azjxh7lwB1yOASBMbFdVYmLwwt1t5f57njiKlb7igY/PQihpC+qhGVMol2rQp7aRHumaoXeYTEV4XZlFT45ClThUgC+XZo17i1vwM0CmumR1OG1p2qK3SXvVI5qFz9qCEXjG6/VEWTVWI5Tb3C8YlRFMTkY2Xme0V3wmbPsRchsj1UQ7Ueg5TPnFJRaehdkO4nl5ewzBgWVvsUemuzIHvb6JYkczo+1hRF8YlilgzjiefuHJnLEY81UvTiqCAada549ZEd7REHYGZ6bja+z629JQcliaNf2X7U8ZDRQE1K2H/Y4YHFbQsaIxfhX8I04rBQAZ2kPY+bhfXTYk70JMsyewszYBQQyuLf5rdajT54J2ZmsVHfvGM4FXen4sesDA9/NOLQTgzoTO4Shm5gjEvYdQzRtVeS62+QppqNsenGUosN/1g42YmopF1d1i8cgTMHqNsvi315SKlyCqSYa4cjXW30S73NYI+EPdcdkml1lzfOejLO7l5VCYw4x66VrPrUtAIw+gJAIBACZxBA3E8a64ou81vWnYt3COSaE46bSYXp+LJz5aDFXbjync4TqcWIHW5LzVEtt+ITnsanK4BlpYZ1F4EjjoxVbOd9vujPfaWUdfkAbelUGViODZd/VYLXFzHC89gx9P8j2DTUoOxjC9FRwu/UGgnENNGCS5yuc66UWYtu1iPApwONB22tHfdZjAAGuao8oOgCv//ThGIGRjG9AgsC97AL2sZhFnoCp4NS7j4fUHkn4Lghs4JPcsNLYrGi/4EbX6IArgLIiHP3KQii0DOhTG0ZNxwWlDfpKFAOcWpKkAUOB8JaudfZGAa6ufkznWMu/SLTSwYG4v+5+Js4K/lQcXxM7ZQSQU2/LyCTZZvfsTHNcAFFqqU1A26wYkPx6cCKYH/CiOe7Ne4JltUR+L6IbFZZWVB34Gzwh1s2ndg9ZlNnm8ui/htP69165gbz27L9j4djEEdC4utW+0DKYKoVVqF7WPKhgT2lMGqglWrk8OhfYfBPT9ZM7ir5Z+ie5uoFwQ+kNOWs+DzwyuW6S2K8Gh4xgJrP6uAUZg8pjALp5GhfZiPi11G8JflZ2ZoRSybSKz7Wu87Ettog2hIZDwbflpo39v34ZNGBnIaZm9vI5eK+8IzNC3PV3alPaa49VLGxeBU8ViYIOXynRZdFWkXJOkgdQ7tCCsj9/lDY8gfgRN22DvarOvsHe5u5w7KsTSZRozzdT41TYMx+0TSpNPxa78jEdaTZ4n0yV45b4qtuZ8+yhSuJZdiZjAONghm43lhNXwYelkJ7Lv4m/pDtPKYtYX55QQceLUayl6RMba7jwqjuqSIz1pO3s1snG8BuUncfDnviZU97twkFrKkhS7muzSUOx82saMB9trZMDOmO6jPxqNszIQQaDPbixdTxVE2ZMF737YxpjhpJa3dHlQaksVDz23lS8NzGfHzX6eMjdQ/bfd7q+FoTJFxOH8BsYVf889EplNRwaDMxAA/cy9XUfmh38QY0HYGD9p5VT5GxZ+ti62kNUEsHCHTzl501CgAAmBgAAFBLAwQKAAkAAAD3dnBIJvJNxB0AAAARAAAALQAcADdlZjc5NzU5MDNjOTEzNDVlZmExMGQ1MTFjYjA2YWZkLmZpbGVuYW1lLnR4dFVUCQAD8nPpVvJz6VZ1eAsAAQQhAAAABCEAAAB366r+UbpjIBpMP85+peM0TWNJ5nHCB4EKrI8lqVBLBwgm8k3EHQAAABEAAABQSwECHgMUAAkACAD3dnBIdPOXnTUKAACYGAAAIAAYAAAAAAABAAAApIEAAAAAN2VmNzk3NTkwM2M5MTM0NWVmYTEwZDUxMWNiMDZhZmRVVAUAA/Jz6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAD3dnBIJvJNxB0AAAARAAAALQAYAAAAAAABAAAApIGfCgAAN2VmNzk3NTkwM2M5MT
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f3-aec0-4cff-90ff-4931950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:47.000Z",
"modified": "2016-03-16T14:55:47.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_321355.js' AND file:hashes.SHA1 = '02f6dcb2f37c48c633d1b160bc51d624c04de8ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f3-38bc-4c8c-a43d-4dbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:47.000Z",
"modified": "2016-03-16T14:55:47.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_321355.js' AND file:hashes.SHA256 = '6f6b2cd6956fdb42a59b2f9b77f4df84a9cae72e89e866f2ff7d7fbaa233a650']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f4-4100-4463-b578-47b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:48.000Z",
"modified": "2016-03-16T14:55:48.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPh2cEhn6MuaXgoAAHQZAAAgABwAMGJjZjBlODQyNGFlZjEwZGQ1OTA3OGUzYzA4MGYzY2JVVAkAA/Rz6Vb0c+lWdXgLAAEEIQAAAAQhAAAA7x6xNTNcSN28924n8g+NTh3MTbkbTnVpoZw12bPhFEjNcEm0r0Oa+NihLlmPJUVl5XIZBdmTkE9VUonYKIttFC2TwybYvA8JpjaPdfh/fwi71kFKNDv/Q5sBRQl+LSb3IYT31JUQkCOY/Rw/bL2l4Qkzao3qZfXuuuOP6iGdGyu04OaK15M4BZMQcsqXE+rRhPPnzN/4Sovrc1hzeyWJkxs+SFylo1wAlBWdNeegQoElM3BGRu5s2w0vB1AlR1zuJ4NGlW5S5XhN71nJI3seayaBxJYlZWzg1gvftNTN/D4gQyNJ/LTiKhmfQDHWgbIDCZiSvKIxpQi+3UM/FutvRPtVFFxHxZ7izc3Hu4HOZ43DHBfNQrvwXfNMTNSGeo3zB33NzkhmUCKb1HhOHf3PC/k3lfe+utRfPoF/9gqjkHPbeMw+ngRuFkzyg2R3rbdBlWW4Tuf/ilkBf+Yy+AB9DUTo52iUz8Am+7XB9BDeaJ1zBBuA3toFbkVc8fl70+hG8GCq0Ie0grRSvsYU01aC3nc34Q3RhDqmYQj6KISTJFmkkIkqADkzazZzeAhIyly9rANCFo+OBpmUw70a/+oTfdt6Og+krDc/7jT6lRJ6wvDgVLUW7QKO4B8LMv7s8GB+t8WdfpGBlvmewt5EZrdvktpllfN7ZpLtdNoTQani5/AAEm+gnD0qPXakSmDPR9vA/Zeg6oUBAK/DWm45kJgLq1jnICuqEsGZxb2SZESJBOKM4M2pMygB7T4RjDJQtPJqLlxARCeJKNZ8S/wclR+0F33rbbRXbclSGkSd/dljMF/fOxBTnWAPIkJvMB1yRYlCu3/qA8spksN8tVZBbKLxaMyzOj6+BmVjmWxTEHTNttna1p6UV/yRgX5zi4UnxdCEebfVHEma7Z01czCMEtifBdVYnlXBV36VUTt5VOSHlw1WvMa5nT11pwUpG+k+gp2hODGVwI7HTyOX9DKyE9ICZKIidUG7aDe7sXWyVbD0VRm77oDnEPXNdvH9Gw5eF2Gz3ZAE5ZwnKl2UCYog+JtZjiPEOsL29OjnQAgGU3QxCbgemYn+pGRptlyg3wgJFbfJzJRB4cngiEfB3zUKXAu+aEIlkZVY5jGHLEQ9kfX53TomNUzgeKOECGt7/qMJVpXn9kdQLZ4OKprsAtSxYZ89dFVfpSIIwBnpCh72ENpSyVJ3GuQKQtWsx7vazRSaToiPcJhFsIZc1LVe++aKh4Bl8JPgGb1H1iND+3hP+vg5Udr/qatSd/EuKswKp68kTK1HdgJY2iUYUEndO/x6mIjLwHC+nH50HyUHBJuTkC1FZWQ/cTm2g5GbHfcey4j/Q0QyMeEPQ9/bqmhRRZyRG3UqXyDSNkWrQIBA764N/G2JiglQvxDq1zC3oh5qhiAlwyAG/gbBxPACS7apSzw+fallGypngc5d29GMhc9PnLH+cvw2j/+VF8GVp6iMcpl7IH443YwR7bWD51Q+iupUK8xRJS0X8toOfJZocpeYUrWfI6VEQwRJ3vfWzXY0UIXE335IZK78J8uKKw05Ax6NkB7ptA4F+BQlQZeB5J8XZLD0pyly7Wzz98TSRhNRyMrI1VxHwUPBKuhpa2VLcFRsh/jLb7CZHGz13VgIzGVVvYeXsBctZ7kl+FB9WNxvpXznussuBoL72YY/zjzIFJEyG2Y/NZx6vPkEYCYMtbfgtbGhnvwJj2d5l9+l458X5vakYKj+YXxChmdDrFhDtuUBELWzMyJMhaph6DFInnlFdy8wEaZXCYiZHXX8p4MYeYRjnod+flsZIryFLEQ2VwGvUlBKNCZdVCBNXT1iLAEc+QoZWwlH4nZPNnS5kELWiE2cKUlqTLLCFD/aAGAsu3ghqmp5WuH7mVgE+tVqRYpZGGlwfjOpTbYbcBewH/5OjlOOOMnIiwztIVGi3uPS8KYVAHU8HC6m6oMNikjOlYvhL8+IPi/Q2BdAXfF7Fn2h2tX+3ogJCP6l+cvUUZyMbrsR6Q1tniahocIInZz5D9jGMjW/6JxWMGEm10/+WdJMmJLkJuP2bIWDPGxWO2K1xlFRtP/eKfr+wEOUPvJ/zz/++tkHYs91C8pFBDsM1etxEmCfHJZU/LsmH2XV/MSF5EGNl0kku7OakBa5ITp4zD98hQQ6h74PxZ3bHvyGFMK3oR0+ghIEiOZJRQXXY/WR46doPFf1H7Y0g5o2lqLrCa08dOs50XpBKJuYcbsXqOjNK5nyOb8jwaq7nPG4kiRqUVqP2HA8hjw6d7bAGH6vpInGuf9CM4LxdRGhoVe5nVJ0EZPrZxdJr3dMHSybm93GF9dHPMWtR7jEX8kfA4uHBATCjgGKAwX5aTMnufJ8jy31phnmQ1BFwM06JeANgO+2VuOOg+bGUWpFUq6gH0HQPg1kzYY0Bp8mC3Eu7mKSBEaY/Sbg2DH4O8gTO2dGFGDdyYpLy/ILE8N93UdCSHCB0mw3y74jcLMieviz2ISZrYfmq6PD+fVCXIGwVkjhFkhoAD+sYq8gHArkVvLu12hlY45LUqjA9eIEDsdDwdTc/7yJQ8mZlxGLoxvZUQLapr5OgoirvQfdow6JtHx6u7aZ3QPp5y92KAdFkp67aHstRqCqUerR+TZMv+YhK5tQyKmMYyzM+5+mbmqNXnHDqhJNlKOWa3bE5wKSv8yzHYqoKDeeiXN8qOWUq/DbDJWgKRxEj/uew1iOS6t2MAnqAf7G1hnpcYyfo431FyGnbNNH3T+gjKp/pcbJ43dcAwZrTdlWEuHvR+vVC4Vjbi34jNRudTBF+V93TA8y8RDw0C4LoiqzkqbTjGfTW8+iZ98QTW/Rzq3Pp2SovNUNpFeDpOFxu7kj47Ttws+hyi36Z3xMbyaiu3Xbg+bBJIyR9nakIix223S/CHLpJ/gQu0ICTbdJ9X+89Nra/VaMpXiKEUVTybg1cnJ7mDFnJ9M2VbJdvQ6el29PCAhB5jzrf0nHnuVEoZ5iv1YV5gMwe0R3AaKOEJemfGdjnofjyI9NLAfoLMmc5EJYJY/a8BDD2W4r8lpFtkm4l35NJW9bqBVIeJg6+YAUh1GylHZA7lNNx9DJ9Fb/JVG4lp5lbBwIi6SLbPUPSSl0dTqBvqKU2X6d04qCbREeKR1CB4wywAxpuEQBzD39DCHeW++waBujSGMrFDHOehHotJ4fXXXw/ae4TKIcx8tI9vhVWnsaeS5Xj/DbviDis7wa/2hFR4t7xaWVH8bw5MORmcC1i6VA+5cANeCskg1bwXWN7ZRHH8C4N35D9THud0aJEB2fX1JBJ4/YVNtYjG4o7k8X3+DhLiAZBmA1DzAd7Rx7LUAv2839ciC+2Br9dZ+Mm3hm+uIJqr95wc9LGIvJ/DyNr20Ua2nz05KmBLuSe8C/cN0kD5BTU1QBEpn4xPM6PNQ5iX/PIxeY3dMn0BrNz5/mw3cAisjizQqNeeMG8+K0HKCXu43dgFqCrDCQeohAdSdgF/iw2+bpzFDvIXyLXVSIXfkwUD+6m0Blu6hLSNHDt48AVyIagUvE0WAhKgCUyapQSwcIZ+jLml4KAAB0GQAAUEsDBAoACQAAAPh2cEgrpEfSHQAAABEAAAAtABwAMGJjZjBlODQyNGFlZjEwZGQ1OTA3OGUzYzA4MGYzY2IuZmlsZW5hbWUudHh0VVQJAAP0c+lW9HPpVnV4CwABBCEAAAAEIQAAANNWEImGbKIRlj864goS0uDAiQWjx52kf7/+5WafUEsHCCukR9IdAAAAEQAAAFBLAQIeAxQACQAIAPh2cEhn6MuaXgoAAHQZAAAgABgAAAAAAAEAAACkgQAAAAAwYmNmMGU4NDI0YWVmMTBkZDU5MDc4ZTNjMDgwZjNjYlVUBQAD9HPpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAPh2cEgrpE
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f5-6064-4cc5-bb48-4e38950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:49.000Z",
"modified": "2016-03-16T14:55:49.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_526342.js' AND file:hashes.SHA1 = 'a841b840edf45fba6e411f6e10069b001b63c0d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f6-c74c-4424-be17-4df0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:50.000Z",
"modified": "2016-03-16T14:55:50.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_526342.js' AND file:hashes.SHA256 = '24559479740d28fd7bfe95ecf52f274054b943c04ca26bf6f555cd286ff69d10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f6-1964-4932-9840-411a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:50.000Z",
"modified": "2016-03-16T14:55:50.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPl2cEjFK/9aXgoAAJ8ZAAAgABwAYTg0MWI4ZjJmODBjYzM2NzRmZWVlN2ZmZGM5YjdmNmNVVAkAA/Zz6Vb2c+lWdXgLAAEEIQAAAAQhAAAAUKz8/Yxr2im9otT+Y/N6mYi7VYo6kIUlmm6yoBXkY6oGYLBOxUBIaa47RnlJky2k8f5kEcqsNFylgsmEjluWn7EDNdR7hp8TF73oqfFnOdwar4oVNpJo8d59RDDN9ZEQBRfhh/6XVkJwQ/m0sYPQol+E5KRX4mjiAkZJE6akQ1lcwTz2+OkqZFzVBD7yNbtoaYL9smw1WECcsnZYxC4IsE5kQAvgkqv0U6uZ1ebZ+1OHgO8JK3+oKhcxYiteeXtkiKov+lzWJ6ki9LzNzEbobYOdHkn18zVkrCwMGG8rci4MdFFat5byJBrGxVCwkOYp+9bLmAu0dx696D83QhtETacD2REJaAy+hdpx/XX4Ajd5SPcpbHqA4u66v9pCvFAKhthPVy7hchzkTfAKddgLd+gH0HrFSYR1XsuOTnHM0V4v5YW593YdUC0osMtxK37fOzj6aIC7gVFO4AbgRSHr/Bi7MO+D1wXZPax49BhRMw/ItOgTYxloS71K6uwoU63/YW/5bcc/i7bfof3FrpRT+IsxoNPF+kfN42U4rPYauY15rSffE6r9WTRjNhceX7yAnzXC39DmpcEiMXZGLKdEwIrcMlFoeuDlM6yI0G9odIJ4ykmVvib1SqIVo0EoTfNop7iwKk6yjXqz4Xa4KJxsFVs6AhTT4uSrE8OVVxslkTMEMOe0YZBQ+Tvzy9NkZeGS/8yfjW52BzV9aV7pZji4SuER88IXmmF5PWja/LKLdd1HS1qie3nUhnGsU6h70xH+aogJCHr+gJwqRi8v7q1tV/ANMEw1N8IiT3vw8Sfq4sucdTaXHVKvTF63Q+5lMOgrE67eHsfPYwDjktdI1nAsmIjviGFPSKS/yo3SgeokNgpMravxzpOYKmmxC/id+2RIurNLKcmRKawQo/KohQPYR7M5UfySj4onDS/5vxTRMb1g9Jf3J/eE7D0gdy4fUaQsdXeML9lIqbzHnMXYbWaCPBMQm/ZznwsSkHGymap8UnS0m6kQLRM96EymFugA5jxOnlotUUMPyaZs/N7FOt4Chcminlw0xoYeGYCiLq6CIVxMcLAYZMSAjPW8o+m+KZDjQtxe0buodbB7v0YXZAcrwz2JEu3EtfQYzAMbPDXoNr6+VnBq0twIO8mttuG2PTtsKNnX+WwlpQ9Ls5AeV4nH/pt6QKVCFE50X63ZQo6s3WIuSryvdFyoyLB8lYKm8e5SnHYBFiYtJmJ8l7t+IXoOzyek5mYsyQp/DzeHryVXPpvN3ioAmpxQLmoZA2nAUPR7dmaSO5do6k7NOJnFKl2y7lXpp3xe2dL1VYrwc70fgrNmykhRLHnVmdJGP26lvHK1uNTLLskh9fbKNA5GHbsQ9sgzWbls/6VYP3BcmXH0xGyxj7K4wBtKuSLMs2HduoygtDI/w9G2YRQaF1+kzGwbvghLhPXtamSbVIKcdO9qfBDkVfKfWGChX6WqP6Mn5ra6YObum+3u1X96oZlbt3rEntzfs+I6WnjNO/GK6aLO8EoTbgr1BVjQ3Ozxw9QB17pWkb5w/8PQsVPpjPzmQVqoAzdFiyEyLUCyjZdlXZv+i0vUNoYjv43YvWheC3sEgS+ij0eescwStS03jUXP7HrRClj25fjBp9vWWsGt8pSxvO6kU8xfrV0TslpD7wVsLl8XnAqe3PAIWQFEAg4qcwtJL2xyjwA9iAEZwVoxFkvMr3QddIo+KK3AhKMOfUfnLJZOlHCZ7Q4n3CMc1dTHSxFGl3xJiflHtvRwc2+MGGIk4Sl4fj1Hj0cJk+E15rwPIK62ABB7FMqD2G4hMwd3UkIPnSvDU5M1pzds71YoTVRP+/5FZhwkBWHpJltxc31yzGr5ASsr+hPuvftaVK+oH5k+Kk06uNTX2TSPXR6SrTO7meEvrUXjZCYK7tetiP/mFo1MPaBcmMvxXmwH/ZjVA5FywYhx+VCXUAFgqFYS2HVs5w5C1dBJd6dUXLUOeKjgvCN6x6byn4E/y3uiG/dU/IE+AKdx56u+wuDqmQbj09QGV7MBmXiy9M/G5lDwHz6xYoB5WIa684kbIZAXvyG3iW2nmYTiVUCVBCVLb8IMHTmQwpu5100+a1xewotrPrCf5NClv/y0B9Pd14vfeMNmtHLms5sKpXcbQLX6Kidgne9dlHlT3A1TeZnTLT1bT4x3jx9M8X2QpzHkciXK2fwPQLerLAjJS81uM4gaP7eTZ2qF7CicpiW2IJnyXC7bwogQr5lhIESjbFbIHp6CHpBcL2mXWuCL7gL3mNhYQ44TvB7jb7JoeO8UehNnsDNV5WOlM7wbY4wmQgRozI00Q+6aUcbpbwHLNzBL8VfjofV3UhsrD0zp/cJ+wz2hfV4FP1L7NdGKJUYuypqToKlaEE1u4GtfEICuicffx+1fYZVBLMjtUhmuI97EAJVY0/un31CZtltXjhTOuUQWmypdcbTR/9fog4QpubCXjBsG+2HiPS7n205jNTaB6qz3iyePt/0HZZZch8daDjSh+ZccBtlC9wb6CAvpTucsb9V2BIMOv84egEAY9YpFyKwFJFihPVk5y+Accszrd6aI0a+5lTohoj5qMB677NissQrB4Dxx+HvwPtJH8Ng/GY9YJEifKl4U8C8QGfNJP5KMgpG8eO29gLGVtaWn4qMCKg8hXazEGrn2ytibodhEo2PIcfEo7u5Q/dslcxt/bGBmpmgSN9NNFQMNSySr/N3sopYiSMFJDsm2tV/3uds5T5p2UTTCI+vL1PhtyOJ0u7Zzxwrhag5HxWeAAfZ7SBhV/g0ItYC18tIcO4pDO7U+WIUAVFx1MOC8dyXamg8poPbQeCvSrUCJXJFvWVN9WvVV+2c2x//268LHyehUeyXjbwcNqUMfj2npoSMrF5hiNBcTaK6CLjpZWbXMM36D65a42ZihReRsgH4WtvcJSSO8TRwUWauG9DfHjGW8OEKNimITugWVxfrnFkTynt4aut3Mo+KGr5Po1NJevxKH2LG4mtb0N1Svc0+DogRV1CsdnNa2PFAUUFLPgeJgJBxSeodX98bTEHg94j6HgWQsoHqMOrnCDj171IyHatDV+w94XYhaWvz4RarvC/KZPvquZtmSwu8UppjrKBKjBFLvJi3t9DrANecIe5keo0ZNpDfX5shHwoMH7tiOrPD7aiSzDEt8AzXcpKjL2MV3oDDG5FCacIL1Udbc8lRXkmqEyO9FQPyZr1PMgHQo2zhDc0Hr1LCKvbqYbYxK704zNE03cCX5RjNcsJOIVvkd4v1hvHS6jo8M3dILOiCN3Q/r+F4DOSk3t2QGmRpItNjUT374+KQt4Bi3aEg5az7dOa01frQv1du7PEpa3jTb8Bo8qCAUkohjVAHP1LEtUz+XzrFoKxxYvx6VwTCpf0nNjmVv6jMmpw8uvfgIHi1TfxBPGsh2Mz0huRvl0sfIoEcL2DDmxjZ9hnNke1f/7JNWBj1nSg7QWTE9zAB/t13NP+0iJT5YaZLTe8ld4OWMOlhfaqzwVvSfj2XOMYHNi2wGoNCGlPM+tVH6c4qQfbJlIRJQSwcIxSv/Wl4KAACfGQAAUEsDBAoACQAAAPl2cEggPGYvHgAAABIAAAAtABwAYTg0MWI4ZjJmODBjYzM2NzRmZWVlN2ZmZGM5YjdmNmMuZmlsZW5hbWUudHh0VVQJAAP2c+lW9nPpVnV4CwABBCEAAAAEIQAAAOL4crs2HVFbYWbnEJWp2T0oIklK546rwGtpcdfFXlBLBwggPGYvHgAAABIAAABQSwECHgMUAAkACAD5dnBIxSv/Wl4KAACfGQAAIAAYAAAAAAABAAAApIEAAAAAYTg0MWI4ZjJmODBjYzM2NzRmZWVlN2ZmZGM5YjdmNmNVVAUAA/Zz6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAD5dnBIID
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f7-46f8-49f7-a4f5-4c46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:51.000Z",
"modified": "2016-03-16T14:55:51.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2081332.js' AND file:hashes.SHA1 = 'afb48bfc68a5d1a7aaa9da49576b3eaa58f80cdb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f8-ed18-43da-a269-49ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:52.000Z",
"modified": "2016-03-16T14:55:52.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_2081332.js' AND file:hashes.SHA256 = '99972ec2be1bf6418be0555262108e60ecae7b1a6894b73ec34ed9902c1e3421']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f8-13d0-46b1-902d-45e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:52.000Z",
"modified": "2016-03-16T14:55:52.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPp2cEjPBjTzCgoAAAwYAAAgABwAZjY1OTI5MDJjODcyOTFiN2U2M2MzODhmZGViNjZlZTVVVAkAA/hz6Vb4c+lWdXgLAAEEIQAAAAQhAAAAFt75OJB3oLmLu+uLLXRDaQQt8wrlB2Xwt/QymdxawRRKV2ApRBZ+7qOMhIOUWJb6JFDIjYzwN3MI5Twn7oU++ElvYxvtgSPvi6eA17/dz52FPqLpjHUtgLRQ7wlgdbKXhvEldNAm89NMQZehNxi0hZL3IjcJd2bgHmCSmxj6SwMrYJ9snpME8sZE6/LxmlbWFPy3HoO0UqqP7Xx225I2f/nTkA0u6YnTXKYL+FhpGkkb52arhb8XeXdsYnsntxWpncOdV9r2Rm+AiIJq9ofLJxUcv4TWzGWvs0eIqM7++PsHD+1wHYF/vwUA3oinF0DUsyaP7G1oacZDSegyQVLRsVoBilNmBIvbGkxbg5iA9katG0HyBbYWXGNcZwCZ5tMHY/JEVYzk2t/ZxXM5qVhynBeyOtkvTjs45SqXB97EO8t4dCpQapYC69F9TSJSFe+d+MZQGG2KJDFT6JpVG1ISUc4JXmYNwIQhR/mF8gQTlciKo4gwYiDmKy03D82pCM7cKs0rDL04uQb9jjrswaRUIJ0ak8pLn/x62lGNdMRZJqeW52ruP+8iTSldpFCcf94YNdhbojYBt02Es+019T3MhYli9cwm1jce6LUtUliFzSqLyB4zSWS80Odr7ciLICA5bFJr4NnyXxL1L3TenMRtPIbj4dksCRmLWoP4KiCoa8YlEKCMxw4usbvVLi8D9uQ6Ak4iIIkV6DUwSY5cjsd78eiv1ts8/ZpbGxuQ4TKfy84iCjcFbVeK4Em7iiExjqkNtRtESNzM09beHLBWuKzW5BFUtw3pP1RupuueuZ7OfWB6rEd3/I53680A6vQy2aFybU9GV2QJfZImtFptnhCjPX/caMT2c6y3ZdRwUADgtAOwxQRLIpNrYRYPYfRxGpaFEVhwQmUGWNfuXS5ai03MD8ltsEIkvnZtsqS597BJbIX+xSvzs4DqlDFeiMjzzX9wp/omNljJjqkaP20YRpBbKlckI6KAly+9kjoK1vfBpqyyj/sb0wViIyrPnTEiVfQ983Wg3hqiTsDMui2vQcjwRqF3sXaqXSttUKWtFRAIVkntumeL+Kcz2KfpkWFS/7Rl+A8Vbh0jxOJBDxR0LI8bTL34p2uN5H4K0rpojWB/EV4YAGGLRAUOo6SynRUOP24mz0NuW8Ja740AUDhniubtg5fjORT+0RBYdSzUn8Up4zDgil0RRIwsA87ITjYt6xc5DpA6nPJmOnmwLuLPSdIiW+jNT1w+Dxg0RnsynJWu/NjM77Ljk3o+1ktF52FD5nxy0+x1uiAXeXOTiqGKnL4hE35Qd254/VToIzg23tZX0jCw0O1gWuYxzueqlJkbzrRILUg4YF7LaFwi1baMhS0XrswpGZCwLmSr23oOdaRLmVzRBrN8IsuiXr2FdKiEkMBnkFwb4E1vWVvxLnc9nwG2/jNee7JCXdM4t2pAMbG7RWegKG8KZbLssO0DVE6YP5BBPPYyIXO3NIOdN7aAVTSOzYAdIeQr9E3AEUpcnsPu8Nim3P7AZZd1dUhSOPPCmafggb5hyJcTharEh0mCqfqe3t6io2sP7yPiuwWPBliXG1Fo3d+yV4Q3iDkeclxSLezVi0bzIaOXFLwBZf0Sc4KXkkTyy+DCWDjii1LIllheLIff5eOGOMm2QZpkbnHW++qqmUg4M9N3L/9N+GmhbHJs59vkkVqiLqU8hLdV+GOVOSXzQUuAlL3J0Y2Mx/cPz+hZkHQgJY6qmo7gBncWOEgna/WcglguW6l/B5kNNmiQvQbszwz4OVojbO3sXwIva78dk18mLXtN6UW8u/0spJjGZ6Sr4+Ww7vPQd5m2TlkgTWiwckdo+o5YTdmKpgeXDjE5ikkR+/IcrVqZTRbv/wfkI4jNNTLVckN3h4wbI/7mUtFK3vyo3+gBvJce7fzZhEJJEjrnnkHVRdHwqlmlvBRqX3nQYcUIHfPx9kXF63dp8yfJ7GE+xFGF9EEZsfsswi+pjwlUAsXJ/vc5SAz6v9NhX063Rwlpl4+sAUcMs8VRSSWWTVXNcfV8ugamED81TPOCgTlzf0qsXy7joHPrar0myOkE5AD3svfv6Kcs2RfLrjGBFA07arskBSzAuWs5iq4OujtpCuPkFsmWtaOdHC5iAcwe7VPwfBMInTzLqdN9fN2JrftGmyNQYg1O+ApMBXnhTmiXHtUCmi6xSGVfBIp6b2foPYEhtPgxqnyRf6eZ7NgVv3geZP2HNXbGJZXp0Z0f+4krjgj7Fm9uilKOwTnjEOv0EMAhwVIlgjgQqiBIHSPKyCbXIJbyMXZ5em9AdPzZeEImRgt7IuBc3c5jR1H87G47erNq+kuSvOEsOwleTdQ2oWbu1aYDuhXBpaYwiSYzXHo0tRmOf276Xbrd5reNgeAz1mcZz4G65WXSb0EGcOZfcxFn/D6dsKVpYXdaGbCNTJvN5mAZpeqU8wVVdvx2JTxvrH7Gy/lbUf3TsTsNh4zH/DUg1OOseZT1QlAK5fNfmbhaLdXUAR1RlfVzNVBP2T1aNn+lIcJ9p2964JJtOttffFaGdNGwyfoG6i1wJd2AO2zpesmxTQu+SmbSLaYsS3f8267uRoQIBopgbBHgYtNFxQSNSyf5/Tafb3GmWZy2CGVYk9ns74IATZqWD9c3Z9F+RBT1pZJGb2HvRddw2IoZdlphBZBBVWuhUJ7I6oygnfyS00oIdm6USeEsEMsvuNArNsSsDzJMYZJsbFwHQbbOXpJ3epes90x4hruddXEkOG9cyhkB/ufmFjL/Pn3W7asckGwScoCp31gdnoIvP6936IecI2fIlFYOb9QyeYns/2aCY1nPFUxf4v2NfkpP3a2DxAXBaTa54GyEhutkqqD3J9ut29eyLdWurC3aKLiP3+s0GNjC9Er5TCdLNbLVPaq0zKsCvUCuSTxZAZS23e2d59eRJNRqPn4TRyknEtnT7vLxM5moCk20oehqDGbQRSd5r8gRzMVIltBmmmYoUdgtY4mqxRC1arCHWCzUz/zCJbqDX8oU+Qh4Z/ufZSJiUC0SjcUGonNYW1yJIITmFNX1139LoE+xrZaLy+pr8ZpArfmiKPnvNnzAyX0gOP7R7hSeeKEN9vMLxMHjtWcD+RwHmlri3aUZPqQRiU5teeAtN8VtG1h8hGGGEQ1wEpykHy3AcCNqNa3if759JKLR9UNxoBmndGD0ChMIF7kbz3moGZwJcvIedH3WVv/OYQMmAonfvu7dHV5Hxsa3ohju+w6WWc2PzqD4NT3s8+s85SrIKN3tz4CvOGbTL115smU1GbO0NH7kY31FtcF3sbahcGNQB9fTyaz4ox5ov+dxfG0rPQjLc4W9rZWGEXUVj3rAcV8sZ7mvcsbasUTg/WjSupazC2w0NYoGIsjN+ZU9TE77sBtEOKZ0bJgHlif8Xk3UjRXFfdN9WUg7UVpQSwcIzwY08woKAAAMGAAAUEsDBAoACQAAAPp2cEiZ5wm+HwAAABMAAAAtABwAZjY1OTI5MDJjODcyOTFiN2U2M2MzODhmZGViNjZlZTUuZmlsZW5hbWUudHh0VVQJAAP4c+lW+HPpVnV4CwABBCEAAAAEIQAAAPecxaDaaUn/9ml6BJH0JEcg7+xq1UdJo3rAk/1lIZdQSwcImecJvh8AAAATAAAAUEsBAh4DFAAJAAgA+nZwSM8GNPMKCgAADBgAACAAGAAAAAAAAQAAAKSBAAAAAGY2NTkyOTAyYzg3MjkxYjdlNjNjMzg4ZmRlYjY2ZWU1VVQFAAP4c+lWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAA+nZwSJnnCb4fAAAAEwAAAC0AGAAAAAAAAQAAAKSBdAoAAGY2NTkyOTAyYzg3MjkxYjdlNjNjMzg4ZmRlYjY2ZWU1LmZpbGVuYW1lLnR4dFVUBQAD+HPpVn
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973f9-c808-4909-9212-496c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:53.000Z",
"modified": "2016-03-16T14:55:53.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_72905423.js' AND file:hashes.SHA1 = '7d2ce65680c587d6edcd9c95f4ffcb446522f945']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fa-0508-4ffb-ad7b-4a38950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:54.000Z",
"modified": "2016-03-16T14:55:54.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_72905423.js' AND file:hashes.SHA256 = 'f15e6c2a43f43db4e76d124361bf8229b33c617dc37c33598eae436629c308a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fa-c8b4-4907-9ec1-4cb8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:54.000Z",
"modified": "2016-03-16T14:55:54.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAPt2cEjdw/+JBQ4AAJ0jAAAgABwAMDcwMDAyMTk1NDgyZmRlYjMwMjdiN2Y3YmFhM2NmY2FVVAkAA/pz6Vb6c+lWdXgLAAEEIQAAAAQhAAAAFt75OJB3oLmLu+qHnNiq/OuKnLAaTBwV2C/CbHVGUllQrhChWyhCUkvTi42jKaahLMFqIG0R+YWrcxaL0Lt/qDflRrcT7q0lHFSJum8FPsQbLZ3cQVn1Rr2mhjn5Gru2RuIr8qcFI3ka3xGPdUmXUslA2MtU/bPj24gVgbD96eD+4N2YpMA+JdusNf88YipGxw9eIp1AJqHZwKH0HuueMTLmFVqKJ2s6qGWCFxKnf18H39xPJgtPfJUriCx6XAAG7rRuJg3IrP1wt4Yja1MkQBBIWX9gqU/pTl+K11AJ65WRvOKdA75oxP6ubh7fAl037K0v6tSaI8ADiVYMoGfBgz6aZOShsygQYBI1bft7YGXiRAx3G9GMgBkxAS5vpoMW75q2KVaP0TyZDx2FfviwY95PKzXymY0ADKycqLEqlRNd/S0f2BoX8HN7V5pLArTc6hJZYLXygfgEKDoj6N/qhmGYfKG4IMPSDZP1JQIOqmMJO4imsQiJUTJM3qlouuFAhfG5EiMz/RLsWY9wJ19SE37vpYAoFxBPGC3172UfEuV0Q3iPNld662LAmjgC8VlW1kFZnU7cjh7k9lhUy+0EVtR/JY6pgqoGY//CxZEPKTcy8PgP57pIRx17tz1lgtNifkND3iCyovqQfsp4mn0qabURrQyJ836aJeKmsCao8TUh8nRi2/DUWGRWZl/jaYpwjMgUHuWNfote/ukTi3bsgZXhVUlONc338RBuosTQSCNe3e/6m/R7164EKiopcIjfnNaDyXWcYG2zJZFXzRUk+7KKMSpmp4J7g6hu85ciUSx0+hMUMfDB/bjCe/azTK3di/CdSfasXdm8HN/CVGJQjiJqoPx3zD81DxowePnBrvqrSF1Qkaf7uUhGeE/u4xBTQcMZWPXzECWUhIceB2cYZ5Z34I8IzhAo8Dc7FCWZiWidHjhzL+j7tqTDibLcQLI9YF662jpbaYLRDGtv4YZIN3M57R9aNWoAAf7O5wZGTscToKXno2IEbt+Pc7FqW6/HSTXtNhPeZgg5qUuDinxzPHVgCGgtXLLO4uY+eD6OhzF0r4AU6IUJmxbXNzR5vDM4aE6ZCe/XP1thxdG93yxn5PFsDVQUNReyfrq54lAsPsbdaFA4pZUpjtjLhsgNGq+HhOMAI/MhBV4tnwfGqin0ddI7AotRat6XCciMG6vYO7fVe3YNdypc87XHwm3WQ6RyEvOWU4c+27znhI5Zxq4q76UoCG8ctFkZ8HjlKH8kKcARUmBMpEApNYbLw6UIDYLxD9BEfSY5ZMkkPz+ltzGjwkS3Nw/AWj5qcx64mvjr1fFACJQNiRSqyqe+avJ+KGGPClhyPy8p0iIwMgJfpxn1gCKz4O1cN8JfaDN5Q0b8/XKODviGsVefPj0mp+1KSZs24iVtyX5wYzZGPnLPI6FyW2csGA9d0BCHh3TkJXiRw+bR+4S9maDpju0fL+sWaI+NUk4z5A8Ij5Jl4vurlV6ZoapK8QEAobO72y612qVF9WdN28D4sp0nVooJShayGL7sNSkkz8D11N4/o5eJM6DeL8hujAnwdfRi5W9jU2dETAWbT9Jd+WvTZuaG66LOGdFutkyBmBFn6ibXpktq1Si5JZPs2ntcuq5Rclf++/Tn+R4AWlxmvHabLsFIHx2p04HISdTUoo3yPedk1aG6F/BIjo2WvE2E8jwSKK4kxO2c4XNjXqqEZqnS4Rc8O+dc4+aFsuoTMj5WYQXark/Vi47skX2zTD7eawNoGXTREtXQ5IzAyNbD1NtCCfKaLwHmLvBt1AWoxZJtAKnHWa2O+arAtgBO+ydP3nWF0dGNqlLmgaRmSnGyLKuNolCycbgCtSM9NXJIK+9092aQ/286NjpRhKZV+7fIit6R8CH9f78TDhQbytboB+0oR7D3n/72azUNs1CskMbs+qOHsRRIDvvuigq28TA9WdjDkf3txGK2MSCCSH9n4a6XJZ4ILv0/RvHX18OPyJbFS2YAHxrTOibKUujm91ZmAWQRTMSsmoSZxTQPGPj+FJ4V/6fT4/bLk569kjQvjSpdAcBT1ygwh/8lL1UEzg00jUw1kC/cHiO3upCp5GTZTIgOmkfU5xGkx7e4FsIn2gazVhUfuLC1nnDS4dMjgd0RWcqx6+jzWrK9ND8ZzcnhPhBFVeqSMcgmrfWuS7IpuIwf5ZFG/Z1g4MHNCcbINTGKkhgB+5Oa60/IUkeeTPLfzFganRUYhF8+AKedRJotLcC/WG7nHBGmgpkmD45kSvtfrBo9Kn9OYO3fVDc+2cLLe8Zm721O/XZFTR+1o0KxWPXC2MN2KqGPt++CEuEcaGNcf3XvaJ7S/FTEWPv8uLGd1S/eo5t4IEez+5aGnCXGqtr6ciMbvoic5ISvaRR5frfcom8zQS7pT7f1k7571/Mo2ilD6zwYc41hXLgYq0jZKaM6KLbbda7tXIAdGhkcgJsnzyg2rbPAREnCzUJ+aK34qqofJaCH6DjETrVlu5N5qv8bY/rqcUyy+RI/J+rHJa1JwXLDnsRVrUKiCqQDBDw162kcyUDNhoFMQvps8xlTNbWldCb0+7QRFpWTkO8oCfNrdO4LkxqWZLXKO6d+l3QqiLNLOyZnCmJHJHbzpyu0TMTnZot3r3SD+VH/s2dthfS6MOSMHe3zpeNl3iV07NhEsRL/HDpWLQKaURRGAtzkIb4REfdHiLIQ2rHnC/m3ewOVLnfJzx8ULs+xaQz8DewIoLn+vppBIX2fbJW+WodXRyjbF0ndN1t6BlFHLNqnZsO4iFTva+Xk/vqO9bGZ47RDszc0ss4XYIVgdC1bvVl0j6oPhnrhA4jPuy8CxVoOMisQ2jU7g9HgMbZw8fhNQeiD1fEW/ycGkHA/0HI5sgXGMMP4Va4EMyUTQkZNv0KpN7dWFWptEWsw/CgyWf6apvu19TzYWxUbDeEt+rCAHlKj82eUkTlR1FMU6n7aOtkeE1mCXLswF87vZHJt0o7YUVIqMDNCIzdjrPas1+XydHB+X4cb/KfJspWK3cIANXE9fiv9smbGNZOuqUiEF+Qp7XHRdRw2mo7148TP+YT7ePwKXIMqAughBAZ1JQ2cpFHtjib41tHNmhHxvjljCl9IXwwsCaffqHDXbMManIODDnbFHJDvNK2Dkdg3EDzY9tQeptyEJEk39IzHDlHWn8DwWhe4f414t+h44+1t46MCTsF3IQUTlbEUJYmrGe7+EE7eQoWdUm57IKwvKtuE76DYRhetLzrYN6wbc367nr3hQBJG0+capzn3MT8ICy3UFQbWe3N+186isprRQFhZo7dKS2Jdyi+i2QdtaRasoR7qSpAdHhzIHGJppBOu55JTKyw8XhNTrtf9Pl5nl01ZjlFxqqsBwFf34Kqs2cxBTxnsywSuS7a/ubAM+veOOgdaAPlnGtrBkeAxnY0SUjXih/asmDEuj55dNmF2PYyiikHKZd8Up4wHciOsSLjAbr/vv13ziFMqaoueCe1AuNPS+05eYRBFJpcnn2BLGCuMKWpdOWNjcYbOcOoGqOuSSlF4wdEkZftnjEPFG0HV0JDkKn6NJbFWnRMz4C5q6FRIrzlODwx8SJ1mm6BDTZddBgH5ys82MwJDjK19GN3XrwBmjq8MW448dolkKK+wR6m2kd8hcpOdgKMMdaeA83anaMNjAPn0M0AkeJ2HCoDcpkW2GrP7a+CHmNaJSswuVWLk1/tjkCXdGzj9i02X3hgi9Z/2nCcgK7WV5hO/MsryZAOvg35ZYOrwiMk2qffHM1dZDfX/SJI8WJZeVrOqHOBiCx8SUYUbkNti+M1p3aLLdLWxr+8aZid+9LP9pxli5DiTD9XdNW+IOLhmaXzQNeGiLmM+vO7uKoAesBnbpZrl15cDc96gRrL5c63abUYKv5AQNQoar+R44DVY1YGiiV
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fb-1650-4f82-bb63-4b82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:55.000Z",
"modified": "2016-03-16T14:55:55.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_a9112d9.js' AND file:hashes.SHA1 = 'b1af8d94b8cc82f53ce43a2d952f62b7566659c9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fc-ad04-4592-bde5-44c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:56.000Z",
"modified": "2016-03-16T14:55:56.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_a9112d9.js' AND file:hashes.SHA256 = '088713eed00e78d8e99b09e1d6b33df100206c09fc664f13303e70d489ab891b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fd-8894-473a-9f8b-4a07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:57.000Z",
"modified": "2016-03-16T14:55:57.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAP12cEgVMA5E+QkAAMsXAAAgABwANGJlZGRkMmUxZjI5ZTBiZTYxNDRlYmU2NTE4MWFlZWRVVAkAA/1z6Vb9c+lWdXgLAAEEIQAAAAQhAAAA7x6xNTNcSN2892uS8U7HuVa2VALNGw1nnW0FdkDjHpPC51x3Dyr4jEzz0zYnC9iIpkNJOUC4pPKygK3G+cjbWpPMF53mi6mUWLbCXI+7Tm+8e39ZzAA244oVid+naD3qzHKz6GRxmSK+6tQM9CIB/rAiKNVwsoKD3sKdkgtjyyH9ucUHc7j5s5/pK+f+8kxdg2z9Bun0u+snyuiBs3Ysk5wgNmwLUEpb73d56w981FarGtKkKagufuLenbAXqqegz6NJcPvqEexvRp1B4nytJrMO2OcB4qPIle24eBI0zJb5kY6TimzpBiaVnsAON1y9/llVX+MzC7YLafwL4iIZI2cyuJ2Sn99J6PFrdoTgfosOdd1tMEevNTG459hgVa7OQ8W9MRK3r1g7pZQ2bjzswnsFwLPwO8u2FKcgrJdbHWY8KWKosFX93o8ZbRzL3FstzVSCA877Rcqx+OxNDddChGmeG4jJXGmjkb3WFwgn1FfohgEzEbIm3bTk4lhKN7yNr6Htbu5YlxgEnwzz9g/avOtMQTJf3tjqvqFPlDc1Yod+Bbl5CwbGTB8X8CppSXeo5aAE5VpzWoyHrSMbskPc/BgpyRDcpKdHUNqwO6LQfmwliazzbHMAL/7vNhuSRHmRIRBr+HjdIynG1MqD8XTR126DV7PL1fk9lA4+y4996FwRAkZH0DLlvyd0DQfGtGhi9I48AnLJugOVccq0qTgx1Xu/ts4YEXf0TWBu64PtiaQvSy7pa2WdYdj76PBcElnwMzAgVIhf5VrQ/Gj66bqv4rmLhel9Tt+74vy2vtSH3AqyjI+G1RBW4mFIl6fkicKbzgllM7f23hhidSPNiHdOWCrm/Rkzwz6iP5OKrgLKnBbnaHJAb1mff7dcrPmL3NXUkN3Wh5ibJw1RQHt+OzD1SBOCDPmLuSytgXD9INXMX7BIjPFGzglERW0VSQBC6RJOjVyQl6e2mQsk2/WSoChIyULmfE5ezwDAMpY35IIaD+thgZNpYT7R6WW27IhhTNf/C808skr+xuxwja1c2eEuWvYOznmCDvVh+0qiizWGcyKT3/QQm+PQSZsznuOsfXU/JZ43vFK+h7ujEYZZJU0FTXF6caSAEUR5Tux05qJr2tlfJiNRsrF/f6qk4ejO/R61Ich4Pe6zX23eJ7a71bXystf+WC26MJS2/p1YJSw6g303HJg4Lv9dmDKvrbN27xOoQ58+foit0QnRDNmMWPZ+OMssptym6Fcgozr33SsoHqWBdUWpUb/m3gktyvNcL1iWfpRLiVRRC/p14WA66c5ECa1M1NRK3uJuTqmp4vFYsA4+BGPIW9hXaHKm9TB5tdj0AXIGGBBdlJCuF0RnhDJlFUILX+8BeUa34sur84H2DtsgzBaRn+JrAPjlskE3EFXDOPeR9uWO7qCpu3dtL7YAiGJYfqLD+5cY2syVjor37f1RcdF/YXijofz++V1Bjx3aaDP8MXvpxvycirr1VpvSK5BKGIA4M0/Y1ED6iQEgqGOE8+1ADlRl6jro85oR9SABbYaMZ7OTK6tAGXCUiSb1HIX9gHZTZ8P11ukjU5n8T0VdoOsrsjY6HmJmhkmDp39+TBTUNmgDk5GxhulRTgqsxlZnJ5W3uibJ4481augTRcA6QdT/q02OgjWo9APJvPS6KG8LkLDmlUxlGy2vcrjuJg4ITS/5NxhKnTQMOgVLHhm4yuLdHhpW1pP3KruCENFHit7X/bY/oEV6PsGaeP+hwdHHOOHOaMnJ5nnUg58g4VliqW+PSKaP9Y3tgNbu9ZTxUSlumy6Y7wnyVRd2Ix4V0VfVwm/NHuk/Rcpp1gLUhOolpEdSOtrF4L523uEWtE7sZTOi3PLpp+8s/siLtsngsHfm+ri5a5aFegLSTRg/DFHUhpVW655yXuYqvFViwUet/7dozviYmVYz1Q7WdvQs4RNdCWvzMTviGCs17YVOE9xPdvLnQTgA6jppkr/NX9ZlQ5rPRf3PhnSjHAAgSGOFORuj8B0Q7JBiFv2DapPmaDQQyKRd7uflSQzDEkx04UyqwbHDVD10i2zvbG4W8fqEs3tou/lZ9TlWYX7233giqcVUGenUZBceJPXdbaA6GSDQcQ0gIUP+VrcGL7XYp0ipV9rdOF3a0KH0nTPjyY5coM3tZULeqLmChRwiAxsCAd7NpmbSiIVkPVeaBUwE3LMYBkPjLOT0KDshqy06zbf+yOr1TkeIFqJ3A1G/5ShgCK6iQ8tG3LOkXl9JBBkUB0LI8DQVXdwpBep8MniD9C+bjaXSHT4sGnCTBoCduKVCM0cTzMrRfVleLjwBBRHs5eBrGFn06k+HofIg5A3xqtWkOfs+x99/ETJWTPD06Mo7bQj49xuRIQjtQ0XFb+U1mL2kzixnyU1nZjO5a3TY5OFqZ83Q93K4XeYE/sn/QTdf/PIadiLwQqIvt2nyC/5qjGDJpvVLQPBQBE4ASeHedRzD4ALui+lfogVSkR8VcPtGOFz/CVxITBKJTckrTNWCsbrUaX2ScgAkfGmVLEjhd0OAIeA/YW4FQ5OIWsXwmoyqjAh6ShN2tiHUtLPKuHQXTEoKVWt34bwdB5zIb/M/1RNXFYhDglR8/SJ31xWEOKluROZzuTRs5TulBiOlRMDE3/QYQagSTKZb8WLHp8w594N64jaJWtwXIS+Gz25i1iob4AIIg6DZsu4KFicN2PptCOpt+e5dLCqSHUjJ8Roonl5ayiFAaU6jNL/Pc+KA7y2SL8qtSzU1TO7f5lHOnC8O5oH/KhaKIAVhZ+xoj5O/90ZRMQof4nvJScfrrIwgzJljvJlmqEgnNBSJd63HbtrY7r9A6raJvKUFWqm+c0+iAMuXp+dLCNk1NQ1G9zVdUpuFhClqdymJYPmzWNkLALQm7qERXXQQCu6kj4TCvNzo/7nPEsk4P71RWaVT/+ljmBaP/+jr18CW5hruo+f0vIFCJthJhB19Tc/4tiV4s8LFbnnpKAgZaehhO4MRtMf/2JXbNWH1Gge1UtbkaBRcUHvyzYAt+TVBR2BtxaAMdVFzJjt/qOahJW/D0mR38LZsHRiA9+tcV8h4pqnROKHP7JCTpqbQZnDXQziw/5vlNwaeuFkM/v2lyD0Rmu1wLi4ntLXHmlRTqVQewOWZbvkZsJxN2hAW391NAy02XEuVQeupaPEwgCjbV8vWNnV7yIzshatxPqkiljqjULJDYdPpDgOXmiNpEIQrbFQ6sO7DlW47kdPA06uby7r2qCffH8MlJjrwFX7k5X9pO3w5CZBLxj8MF90VEdNfDnLB7dd2A1GYUqyjq3wsk6A19wVBKte8uMC+hvKNJnN84O6dW/YGBVK2MTGTqSmp0xgHdr9MRK3oyjg3r3RBmiBxJv5s0aqvu3kOfZo8YsbSiEAiexilUEsHCBUwDkT5CQAAyxcAAFBLAwQKAAkAAAD9dnBIr/a/xB0AAAARAAAALQAcADRiZWRkZDJlMWYyOWUwYmU2MTQ0ZWJlNjUxODFhZWVkLmZpbGVuYW1lLnR4dFVUCQAD/XPpVv1z6VZ1eAsAAQQhAAAABCEAAADTVhCJhmyiEZY/P/o0pq4RWVSsWGEOe+/1yav/IlBLBwiv9r/EHQAAABEAAABQSwECHgMUAAkACAD9dnBIFTAORPkJAADLFwAAIAAYAAAAAAABAAAApIEAAAAANGJlZGRkMmUxZjI5ZTBiZTYxNDRlYmU2NTE4MWFlZWRVVAUAA/1z6VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAD9dnBIr/a/xB0AAAARAAAALQAYAAAAAAABAAAApIFjCgAANGJlZGRkMmUxZjI5ZTBiZTYxNDRlYmU2NTE4MWFlZWQuZmlsZW5hbWUudHh0VVQFAAP9c+lWdXgLAAEEIQAAAAQhAAAAUEsFBg
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fd-ce98-416f-ade4-4ea0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:57.000Z",
"modified": "2016-03-16T14:55:57.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_ac64e3.js' AND file:hashes.SHA1 = '00418420feadd5efdeb88dc4b7e80c73c9c8e579']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973fe-3210-4c33-8961-48da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:58.000Z",
"modified": "2016-03-16T14:55:58.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_ac64e3.js' AND file:hashes.SHA256 = '196a912454e7d51a3143d5a7fb8666446bc759197f51e9ab316ef4497b3a1170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ff-4380-494d-a699-4979950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:59.000Z",
"modified": "2016-03-16T14:55:59.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAB3cEiiAH9wigwAAFIfAAAgABwAMDRkYWYyNjZjZWNjYmQ2NDZlMGE3YmI4NGM2YjY0MmNVVAkAA/9z6Vb/c+lWdXgLAAEEIQAAAAQhAAAA7x6xNTNcSN2895aFk+t5MDuetQVZ6JF1tTYwwThpGbkGhH/qALUdPo3qF5a/qi7qJj4/qP1tRq7MVDHvRf4U+VOxxlVdD5mVyZg1yXpt383eu/zVMQGOvTD6fOdm7bShcTq9Pxjf9sKHOae8IxziZJNYlUXYQLUTH3OgnHQnQLhyxwRIZ7t/Dj52ehcSmzLfDecJtfQF/evCts74NpTZupJmHSQ1J1NobNvUj7RkeUCCbtOw8HhQc+ZNuFDrr6SH9wolWWLfDOC/FMYiDMzDc8fa2koDUfazMGudVbCXJVrbd8R83/yUzMRJ9TCkgfa2feMkXZXGMdA70B0AYaPBG8lfcgpGlA92Spx9UGhD26/YSpkKaofFcA3asuhAx+Emb8tj9E7zuYUH+b2WMabHUA7QWk8y/LPDJjzT9mYM/el6YPoURZaEZzkNq4MqxoAcqs8u8K0zYq8oL0pPlNP0CB7eO2+1+R1SLP5DiHnrtM6qzYMuuYYfPBKiRa9et3bvdCIR49B73yG1ntAXbyRa2U0DIzw/Fl/sAK1CaHm7583SQXPJKiNeK+Ld0M6/3QWPZ3PjMNffWNL4O6nZno120LORrM+uO6CyxFUWR8NIqhZLHQ3emcSLmVOiT5XqxTppLqLh+tqJmKWnwHfCEQVm19J6CAiVjMyLhccRWvT7rOAh1+OqCbrS4me9KeRLIpTg5dSo6KX5YM6Ztfj/XTMRqpcEsf5Dn5zQdZXIJBeBIKtkhegLQNw+WfU71HYrdbjZgUiP69PR+JPd1pu8A+vPk9hnfSvPiKFR3IB+LZr69AT8dyCsLmRtqxqYn4wYqrGfnOjBWdOF0NrLyMXcf6SSBjW4dHT9IUkWl4xPq82kyfopLyJMMyNqqqgu5ROmUBx3hXD6Q6eQc6I63HEZOeR/g+d/kXU0ZoYj28f4E1DvAPrJqFMcs8CHdQhX/RgxQ/gKMWWA40q4k4yXToGo+/L4tJ8W81UAJQgHCab8RwR+oO/SuxOQTtAbGmwb4si/K63yOwXi6BhrbFrRP7lKQ+9a0xpEFW13TBXgp0eOBHHNTmWkoQDvagToyhXiBs3GlpSkDvmhdvh/R+1rbxTcsNv/0DUrPf64Z/knSWlivrxLVoHAcjCOxYSMjjwzu49q6W9hlZ8TWkDFEOeHQw1KJYu4plw5hRA5Z945SGfJhu4Zax916RYNmnUeL24fIvF0qfzQuQzjG8HFV6p6FIrk5jUECtnWd2X3VRmiSLgk9hO/oU10+1dZgKvIg/uL20KBk/jnVEetuVqxg/tjFNANlkEkZq/JdSEEZgZtJ3UJN9owDrhMfGR+ku9eiwC/wUB6J0JEE8mjqRJ5+/brhJIr4jxf/UklZAGPwmjd6ZFFixTIoKoJKsUEyrDGeGEa73tM4UeXv9qMW03nOWPrpRgLpmJKIxq5M4SYeKOtdz0RQ+CRFQ6HtfCnjJDBVl0weS33aacfD6R0Fad0VW4JRpx7CK9VyxML5SyVCzO+w/S8vLPhgQ5BCYVY7soYkNQtuGjJZrn2WYLGZqgmtLVstZa7B3L9II2yggS0D6hlQ4CNS8HBUuxkK55iUE111iB+Ess2cwrRZHkinH0yamusftYVk9aCKGGcKUkE0qomyTI55wFmw/Vw3RHR1voilZ1vn54xOvclI6QHeQ6sGbnuIWFYJbRJieQiCOz3pJ620guZ/8gXUHhHpbyImP9LyEg/jaW+ied00qe2pX0A6RjkRrKJm//GtULHLXXffSZQFtHgn52RTLvLRAuEH8z15qNR/of2GNDcvkenw6q5QV+8xxP4aVtvbQbenRcDnxSf/InAtezQjvtpYxMGYKRXmze99Nhfp83m65Wx8Xgo2zU/UCmmA9JDGG/446yWa0JnYRml2HBahxXrLKIKXI58/kTugRSnhtb2YodxBQpB/59h8JdjKRQMnWZRoQ8DoOs/kBycecfiIZv0/FaNqePsKvyFUrRir3e2pqc7QyXUHx9Nq7QK1xb/W4xqEy+vpAkALzYG4RLBXc5ZJM45bMLf7qOYVLMph0rY/w0y4yPY7SZrcx2yURgooMrmgYZLZBow0RmEy84++uD71hX5YaxuRQ4xi8HKIHg8tu6pEqn4mIiaXp2+lM4E5eicR80gQz7C36JbAvay5oyuEqs8jP7S3vtaAWL9aKXac2h+z4EuyT+pkwMyruKW1OGel8OrTdnLa4IQ6Tw7Y9iM3TVSg7VuqKZMupiWBDemtI08+Br4AkBE65kkkk/rOXR/qXfUYIAKtlplGWj5JZhDzacSkbDrw87a25VGQNCZGcRiP6PCoCFgqcFvFvh2A+FpmeJEszng/270dwfzUlgbwXLtKJgFz9h/7nCNfi1SBnY+QLyeNn3fU2mRI2lWjenJDF+yS/2a4OqrlJ8j9G99nlrwMoxuj5u/+Kav9rc9LHLQH7Qs27xS2wKu16fXFDDHkUpI/teFh08z48FMM3gQUi1BV0Oijl4PRjem2HXeH9thsAzZMn0dH5INHPbeOSaB/48JGQH/HNru4QAEeOm1fafamN+kRdZIHLFSgCaM2nZXp5TUkv45qTyhJYEUzOQIIDGaKqk5zMpJMBcOLRNCuYnN+M6FF6mZXoXM7DMkeo/D7kOO5zUX20h1WeDlGraEv8sP++v4EyAauEtm1J3ezEWg9AvCZNqw0t4bQi1jDDkJCSq9f1w04EBL/cEoigZQl8Fp9VZeASpjLjeiMgM6JGnmX2AOnMJwGdh5JvD6bUv0V8NX/oFRUndjf6I9p2mUkn0DS+nsyYOd9p1OIKzKkt5fRaJXUpszQMtJN4QgsAXAD2+sDmYLBOORCh0Id3Sn+bU666xANLU0auna7CEoiT1Z9MkBZiVwJ1+8+U8ig8vCZUaIf7sl0MAopUKJL1ZQzdz5ga/cZ12U7Z5gBw9/U8u4/20tLgBF9r1lDE5yM4+HtXyppJG2uBVT4Tt1IqxFbn/V8WAZ580RqdSe+dSvH7oA/33xkNz3ud9KeFkc5eGQkQ95LSGI7G91pwHGShWco6e6PayS/Fzg0J1v3kiEN72/TLUbrh14oiOXsQwBPnJs2O9Q+ivh7MQK2QndWDRnIDKKdVBc2oJHxM7XXrc0pu+gKuR+gt32wJO1QaQt3bzBxf6MICK0JhPwI7Qnn63cE2e0ken16Q2oOkMzVImjHm7EzW44A9tP6EEpAUlZL2GuEdNtCcMZ/3pMGzVE6deFCJC4UM740z5m1bkXV35+FVUTainW5fs+owcc9U8JRqCetTVC5wuPvXa5vB/TdfirP+QugSsVc/Tp//1A4RhIUS+bCGpXeOPm0sWB9ynkBbugydT/4BCm2dESO3WF4q6isKrlDZkf7cp0RGn665qpPXXDEYgkDaj13rcq2BMHoU4Olm4W3I4DyQLuf3BSxQ/ahSoQzpd6gi/gh+SMsmoOTM4DT5VguCPOQ+XiAmqAyTJ18fXI73DKVv0ZX3qwDjZpPyi72jSlp+r/WlKVEuN1PUCW8nZLvrXcJjfma65p/ObjR9odc8Q7hLNZDJh+l+48W+26xzN5L+1n8OWH5oYoYsvx0WqKMpHxz9HGsLmEi4DO7nkTBhGEDK+woS+Wiv6HpuWpZssKlQ2TQXwuip92l3x8sWkZ8yFYao9Yr0obd+jl+V+EOD7rMXyAYaws58gHf5+zBgbe5LCMXF3n3A0kER2GfyrmV9rnvOVto7fg4mGW2eZYvu2hD77vJOPuOq6QzP56H7+d1ukB9yhu1x8IVbe6EBtGjs9Mxa9n8PwwYZ3z9yx9bzEXumMSS0fzZ2QQFHrutNv9feRJNoG+7ayhPnywH9A2BLkmUSUsPV+u6Lr1OdoeOPd1UcyYzSlJ/lWNvRJxg4jPGgVQ4POuB0vd0MG7cI52wGBgvrckeeQ6l8uFZr3JTUTCxW
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e973ff-61a8-489c-94c7-456d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:55:59.000Z",
"modified": "2016-03-16T14:55:59.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_b33f46.js' AND file:hashes.SHA1 = 'd16b77a28a5395264df852cd2c49b265f8d43e78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:55:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97400-73a8-417d-b1a9-4ce3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:00.000Z",
"modified": "2016-03-16T14:56:00.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_b33f46.js' AND file:hashes.SHA256 = 'ba6f2f6894e44a8d65c63834f6ccb207ee608c36ddc5301d7c9ea90ed0dbd116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97401-3334-474e-887c-4212950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:01.000Z",
"modified": "2016-03-16T14:56:01.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAF3cEjAGIOe7wkAAB8YAAAgABwAYzgwMGNjY2RkMGQxZTcyZjYxMDAzYTk2OGU5YWI5YjlVVAkAAwF06VYBdOlWdXgLAAEEIQAAAAQhAAAAjxMW5HoFsj6ArZPysrJrTb8R+wYcjJhTDdwusp/S5TodfsIqrrGI3tGiWN4DcYWoewLpPU/z7hPrMDD182wBX6SfFFKm7fRJKa4yE9xV9+1jDr8sob62FBUc/FIUn7Zp+ZdfZ6JMWvOT1wedroUU7ErY6ihCLdajD0zdZ4MZvnRUcr+S3zrANVcU+RWsf+kbONDTbTBQjos/f3ouphFPBcIHROSHZxznhVGhANFvXNGUUYjAgd6IxvCLjvdO0yHplXuaT21nx3RZDBpYu704ZvrM/Lb/g4s5ne88agP2wUaIvxwJpgrIU3XETBpFUiY1fFY3ShVZOHAiYO1kyFTzUumFy3FMx4VOtGN9zaTJxDnaV4t2bl+qdfZaaKiGrzUdLwa1PSXHtJzQX+if71dPGYGKiB2VbQX0/bL94zlqr4qVNewktVpRhh7/kObREdIcm/Dbh5k757cddxqPXM1QNAOZsdXfp3r5VkGCEBfCjX+Vck2xYPUyo1cnydZNVJPQD6e0+cuS/2TXhrt1+EbEBCCpWB2eqGP1bJsAMVuzZL7ZH8kcCqV8ECFGKE1KG29vgp/QdvaHNdIcwoIQW5ZFwLQ0MZW+d2uTrkgDCggq2gqRC0/sn33It6n8unJiENlan9sfeMoGG0bOKPmVj4ddqaLl23NJORsX41zq2TX9W6kLaL0FsiKd9SpuT+jTKtNzeLNNYC7HLNM8htV63BHcJK0xgFpGht5S/Yd07zw/GAHyOQioTOYunBrBkiTxrb04PUTtAiJdVfM+m++iKmbtoa9EtgvcKc+0E0kPsLAcCMFG5iZ6UNo6Rb+w4PfsMNkM03l6c7yvl5XrpbOpqMTApIT17p4IToNBwmzVuVYw0XA0dY54Z+sD7qm1oChzrt9AoKspmNOf7m00+Govk7HcNe/gNM4g1ycW9mWRhcXhoUsLwJQvRwtEMsD9Ag/7wunaJOySW0c9U669iWX59/5Shl0UiAWQ/rgzjnsoh/HvgE2BkMwRw801BKK+gIJ2AfP7YPBEq7SaVwOKNk3a8JRKbolaUYZdqRbjG2KUL/8WSshbMTZSK2mIDIy8KBymTyikaz77+QzHHjD3fhKrxX2LRIeeMs8NP5ZJMOZYKNteVfmJiCgrrMXJsHIi18KkygzSBc1sbGVE9Z3N3RvaCU/52k5a7itsFBXjx5nbQvX4lnQsM+KUdWliJ/OWy/Q+E9iN2ydnxRSkkLeVp4htHhCc3skDX5si9Neekxlf0UhBvCcUA9YhhXeFGYXvKvVgVM/CIL2u9pNC2ghDIfeav80nDgzSN6eKMkqpjoiYrosVhpX9WFG983T9k/2bXdZPBCKAolK9bZqG4Ik0H8s6nlIR2FgC1HEwrkl8S5wGvrcmSKSPXN+4bo2ZWsoVXakdXoiCzoBglqlWCgPsSB/faNmSW+2/LEgrxpLubL3mCMeMe23ldO1/G+74Z1HInkpcC+UiIIuOpmavk9XHbrlzmi2zt0cB6VTrNlYwe7frESlTQB7YO/eTudkM5txTyjDOiUYUrZZM4ZMNuiat3/UPmwcVrSgafiGBzybpVy/YL3SG5Kx2hb0MhutJrNCQtkRnF7LQgKbZuR9gQ59pln2wHHf55Okpps91B8MgWhdCifXs1/nM42TVleYwaosQLce5jYRme+h0EDX/5d+h3stdruum/YnzAtZqSQbN13oUoF/C7SgO7yMeNax6BGK0oa/j7+wveQdNlSpD6iw6xXhhGQ4WeILmOlCYC/6DBE5zbfATnU2oaobmRWYv7fS/JOgmeVLPbkIvvJxiNerF4lT84rnhDs46AYfM6MfS/v6HHO7NYKPoDEMNh7wAr4BfLih4cvJkppggjWQTQ0hE1BBfF98J4N5eaR0ElCRA7yLrCtwqMoN8vBSwX9BDFyH/71v9f9gVFCDHShLwtealyFaCxY5PfI6HF1w4DaCJepoW9qR3DMXpAhxEAFhFiOXXIcDe8+hGjxe9oMopQ0qcKfvmpaXsE9+yCXvJKtGuDXoR73UfLAjKslN317Bq3Zktc3irYBMRAAURS6EEDIv7irra51fgO21HFIWVLJrsup4H2qbHrJ7Yfk5EMEghuyjMWPmK1FcW9KSTHIzyfxxLdFu/+30OLE8U3bQF50J4RpVhxOMK1Tkf2NqmrvuNjtq/o8r98k7nL2ZVjOEW2pkV5tNi5AGtsohCcIE6F9bV+X35MEbVs8tyqDPeKYETcQnrYOMGAeFRSZrQextQx9bvHYdX6PlFeC4cK9Jrd/8mCH8bYYO9Se3bENKrJYwH+0JUL2HbB8a0MAiuvdsJdibyFw1pxfHjpYjEsxnYmdoUvswHDiKBSk9z0v7Q4w/gdiI5WGgbqEUFN9GXqkW0LUg2fwZlpfxSTGzUzL5sh1M3d8zedSUi0ySdY4iuACcXcZVFg74nJ5ks+3RwOI0QUeJ3HpZxdHg4GEkQlrRfEOAQ1NOF6Xt+dc+/BxnVAFLQrHliEZdh7nCzq6h6wOu+2GJIwgA8VvmqeMm9eH695UMZmG7YU6keP8SPfSIWX+I2iFPWpFvar/iheZyl8/remSmqOCEa/i2x+rSIuRo2B3Whofh11k6nE3NGpLJv+3gI8SVHKOomVxjzqP4TM7zNr9QCvvxup0sTrXs7pQUDPXOvUFA47/ka/XRZ9hD8NqPCVuwBUevRU7lNacgRgFpb1/9Ke7jVw/hDXKbx4TVznE51UvpF2gKh640lEFgZvJWsDJMu7trmZWn51BLk+haVa/eb+gQziQf7buUI13zhq/20dnQPWR61vCC2Zky89tKAdiqMiNB6UvmAh3fy0ablolvZPVYDjG80GqKlzv7Qavm3q6xS0FSkawJhbAtOoWtHwUSP0J5ejf5avuD4uBD0ZDdrhH0Wd9xFFRGN9WQ1yt3V1vPCzzOKnkDl/QwBsFwu4jJBD856ygiKuR7kjUtd3WsxroaVcQrvim2syprovX/VWPcffRTDnCZP65aj9OCq+86jhkFdyMfA7FHDNxwI0IAfsai/2c+nDPB2Er80Lj7OZ1hKlYNbTC4H1bOIj+YxliSHg8ZZmRty8b7g58Cye/M1wrz8Y9meoGR/5r8+NtFDAaBcMyAgtZ7/kT3Bd46/mUUFewTbDyIdeiQEhQHUw0JJXnEsBb4afzncKWJE43D8Ba8F4V0ZbBS811iunFjaD8l8qjv/2KXYyx6Y4cpp34fnB3RPgyott5CuZUZycYULZg15q5a+xG0zq/9G6QczAtoJ01M0JWvNvJjgqeBoQ1IKR0Sg7JqX/iPDvtTP/SZh7k0Pi2sSlwpZuUJCeE15FPKWS1x28Skcx6lSLzfpvSLFck9SmfXDa07PVsdNRFrxl2sR3/kHvuXneqdPmfe6z9qzKp8qlGJQSwcIwBiDnu8JAAAfGAAAUEsDBAoACQAAAAF3cEjyaNoOHAAAABAAAAAtABwAYzgwMGNjY2RkMGQxZTcyZjYxMDAzYTk2OGU5YWI5YjkuZmlsZW5hbWUudHh0VVQJAAMBdOlWAXTpVnV4CwABBCEAAAAEIQAAAHfrqv5RumMgGkzJ3afY0TtvLCyD43LMhYzoAwRQSwcI8mjaDhwAAAAQAAAAUEsBAh4DFAAJAAgAAXdwSMAYg57vCQAAHxgAACAAGAAAAAAAAQAAAKSBAAAAAGM4MDBjY2NkZDBkMWU3MmY2MTAwM2E5NjhlOWFiOWI5VVQFAAMBdOlWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAAXdwSPJo2g4cAAAAEAAAAC0AGAAAAAAAAQAAAKSBWQoAAGM4MDBjY2NkZDBkMWU3MmY2MTAwM2E5NjhlOWFiOWI5LmZpbGVuYW1lLnR4dFVUBQADAXTpVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97401-7364-4fe6-b2b0-46c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:01.000Z",
"modified": "2016-03-16T14:56:01.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_b421e.js' AND file:hashes.SHA1 = '1ce44efab81a65fff77d2bd04bb5cfa384da6277']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97402-aef0-497b-b482-4211950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:02.000Z",
"modified": "2016-03-16T14:56:02.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_b421e.js' AND file:hashes.SHA256 = '638d5d450b5a18e8f1212d47ecd618c3d45e50b49daf7f4d485f282268b7fb61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97403-31a8-4fc0-9efc-470c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:03.000Z",
"modified": "2016-03-16T14:56:03.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAJ3cEh8MjHXSQ0AAEIhAAAgABwAM2E4YzRkYjkwYzhjZGQwZjA2NWUyYzE2YWUwYWVkM2JVVAkAAwN06VYDdOlWdXgLAAEEIQAAAAQhAAAAjxMW5HoFsj6ArZCaLKnNxJqYWrqJdciEzqYXsY/6Ks+2Z8tuKJoy1GaZUzuTVfzclMnnCgh0Tm5N9zFOw59AdrCPAANaQkpICPFaGpUcmT0BL6VVOnk6Zw/MLmhngjHhFxyQF8tkTjvsKbGEiyPqAqEySYCrcEtKDE/1R5cjavzcgb4j8pOFgmazwpf4KSGU9iH+CsdhJqe7USXutj3nw8EVVHrpY3NpIn9DeVo5MF2rF+1ARafm/k7Ls0Br7mdyEn1yh3Mb8NZQphRdDEYLrO8RjuwLXauBRbJtaq5o+JFK3afQNM4EP4uOD8cvuKwfo2erSgGSEJMTCA0i5qJMR6x41BeWWEedFQq2JRl9ZlzEOKqsKOwd5SewNcfh0w/ZFSs2+vqgvE3/fI7zoYAIOz9/NYv1Ln0tmLKNjbTbB17hG4ZnzplHv5kD7duZhuCHpVfQYE4OQISBB9oKEzsdq9ZazxfXEWB/AQWOjCKUxNksdFzajmWC/gsG9OoZHgJiYQo0G3plVriOIiFYeH4YbYwHlzGkQIh4vYWktjr0T2Xn7LY/DrNvtz/JAK0iq5hBLQJr+3oGcA0cIpYnfJLI+sn0mH80YM7YEXag+J6yvD8J+3H/BhBYR1FMDO7VMkmwqzk6Qef3kLfpkQYeBLdSCPx0wnGJN0gbpoEEOvJ986vjbq7uPCcOHJPrd3Ee7ZeTwrciF4PmOfPYy5pFbrrOJW2K1IEjR3IUTfGiFZl46AuzxaF2WGDtZUpNchNDFAZdA7ikW5uWWxa8ZVfrxRZh/XF1IPh1Rr/NdDvUX/fFb2g/7Fli/UzOp8EWJ6Ast8opdrkZjtavjpS6s5DiHqxXzFEHITXdZlEBiGXJbJ9ymoAGteLqgWjreniQVyP4jY1eSgAq1OnvTyd2Hx0LmCBxP6f/+VhrEgUd8YVZM/wnKTccvZPRoftt++KWRCuSQpZlzk2UPyXJ2w/aMKkJAQdQhSEaMulH1BIqKG6sfj85n+G08GsuIN+V+NDe3y9m7pq5qCiPkJurr64sERp2RwDil8ZRYbs7DbjU0vLtdjV96cYFq7hdZt56TsUb4l2M/AZb9nc/xmaJ/Xi0ZUI9rDIHglPlf/tDPQy0RlU0sP4ROGcBzz719jFB0CPsIzB0p7wsbFgPc/EV12SK6QHEFhE90lLG7u54xhqlah1iuDeCiwQoiiqUeIHnFyJ6LbP+TrLU37YlmmMcMAK66aQSqR+0e32e5CkFbJ5YoyUuqC+jJTmEzkWoR3I5JZsXDFTxIs0RXGiUFpuWLB4ptz2z6Q5Jg0+Mgi7Ca+h7qIbOhV/htC9fnlkO204+egU+l2FdkzZ068Hn+4jkVUd1Ul+FSqw68wArtrCf4bmi5YKQ1COaTKZJc/Y8QysTZCe4MzlelFogVRPu8I/kcSJBiMLM2QnElL/7RHuFXtSFZn/8Y12CqXRg4/zlc6h76Kbb14asNXeb5kgtp1pgrZkXvHyMyvsVFb+9A4xu8vO1+cvHV/B072c5LHijmT5kUjKu41TcT3dvO1POFY1ER9Sci+UWZ4Weo8lEkoy7I2WcuZyA5KD0y41DHKSxbikoocG1e+OrWRfl0tfRe0qjC4xmXupE1ZDhjh46JT/gg1mzdzXTFQv3Ele5XypMPuCmtHvgj0D7vrZqqBO0uCdGSlFDPGfhZJXcKjDYBZLz3HbL7phdWfhvfNZC/ZQo6A2xbowHQ9NtttPAq87yIKzK8iBtMkj1JYsbhG+Xv3z7L6AxJ/LbQAeApYzv1H9EqcgPblvcB+hJ0ctyyWT8LQ20JpU1MWCOAiM9gqb3Eo3mrd9Clby1bxy4cbXVFyxfJIU08Q5RZ20nUj81AVfPKkReXEV2jFnVBsXrC4DJJYK+1sCSYDfsx/jGKPC4JOucn5ntVxHdSBR8kNKd7MoE+WcSqVevws+iU37Vjq3MlFPC+ip/jK4LsXEMuTltt7liuBtWbp3L5sSqWN28OzwpahOUGhc7bunCM4uMBCg7OGHvAKR8ksZWRgNhRDWEj/YWou1R6Hefyl05EdAwyFl+AAuXu+B+701Zu9dR9qTcFnl/T8gBKCU0gNJRbTOAwjlOX68VUkpX8ce/FPr5cLrULTObw50ecnr2b8lKIPWpgxWjYa2xYbqRm+1KOOoYHmjD3DSA9mXRhfGXxFJjY3wk5hXZW07sB9PxgUvVd5Rhh3A3f0mkTKPPU3dbHNlzqJT3rWLzWGBhXlwkXkAa4p+L6tsrPAyyaUatCsVKcOlfy6FJS6pBthGrtSd+3gTsvmUn5vLfsVpIUL3a1F4igZooVYbvWX4X8NgfRz74H8paaxd7LWZ3e65JrHuK3M1XXAQO1pux5v355eKgF4H47hImVazvhqXj3W4mbuXdc1IfQ471+CX/E6CWBSKcQ48l/5n5uu1M/qGuzWUjyJakiZC8ITOBwWZvHF8EO5vpYkLrh5061IVVcoiI6YwhhMHebYrFN9fAvSOfakHrlfG4lAnUIQGCuPdGLiBbQNWeYr2vdOAV//Ry3GZrvPPG/zCw1NxxaZcsOQGYYGVHOHTEMzF+WHufo5fePrmOnPN9Ffwz88S9VLc+sbSXBQfLM9yyO0CGRzZnFcMa/kdkPr39a9QBrMCCttGfGf3tZBbhnlIwM8Xh7tQN9pJr4cxxxc+10Xx2RafPUUQmS41Mp31bU24tpQs147WgSuqh1lmv470jYYfHzVQlXIK6h56JuV71nvgAV9C4MtaNGmXq9jcFpHp1//gXxpMDl2Zcdy4af4+UOPNcYVvro6OgRS5RGFvDzpx8LCsINTGZfP/meSQhwVJ6ipsZzMuDRxQ2J6K8JdRWokC1tiLeCUdrMbLHu7s6Sm7otKM9yTY00y6nrUzPjesMxQPelhFnhgPdBYkzkU2/cDRX8eUIhoaXsv+0S11vvf5j+pFeoc/EdKFx/aFJU80c3bFyfeNgXlZP79s0YdKc777Oc4Y95ph637Hc7t+RvTHizjh+Eq9evIcA1SzOTzwg23WZQB0wpWhh4sg5ROkk8LqPf5y341LvbZvIQyy4UIzgLuQLy+0nB6K+ktscFjmH8vntZx8TQS+D0NKQ96JjRW+iiKdNu7g7LeONZVD7OXfNlcfdQSZyGhrd1fg17czUUwGwxRSaWq1UyfNLFHJz8/xNlQkP5/ou/PvCxSOKUlWaHfraY670v/FGCs6O0IBygryk7l+tyE4WhJxjv54Jllnf05OOMEtBpXqRYs2xROnJ1WgIF755Ghpi8hzmwCDFQcwwhfvs/ezINhZJdwK/AgVpbiwV0hCyDtj9TJLfmNbRdMEml7JQ2C2JnLfRAhaN2is1hS00k1iweAzxX8O0yhGG5zSS0bSaIckPF+VUgYlNsGev79MwcAbxHSqPMaSD25c9xhbA1XbAI0nW09s+s6hbFDrUsQojTEw2ZnDZ7B3uRuDQbUT451uhptEwOGW5Y86hBCz4o6eYlvfT6t1CC1aKbOu97Y+TxG8/30DlVJhyiR5l2Y0Lyc2oSbAnA8SPrqVmw9e7yQ1nGz46Cj5+hc76UQ2wU/s7foJhZzSndwd+yUFtEoxugwLUDj+kjQ0WRudQWZvWDPiJ2heYvgVLI3jsOCOrjNDTY5NQsqaOicCBqruraUefQ3ciPQMrt/ZJmewlBv+/azrjkMy1Gr7L0OsXFZsDqXpGxKQo2HrQeQX8C0HnwFdMl1EMskW5m7H/pGjRVttJ1xAVR50CqIucAa9otWENv17v1kMesqXdiGs/qIEtATn/+t7BAPPV8o36G4UiCkTT+AZsFtQGmKixaoVKEEqNoyxbp/lUwOcAnihHPVMJtS8ECA1OgOdXRbJ2xV8WZU6K2gfyvEdK38af0ElfcXXTBJyY9vtLHrs6EupRBhCAOEkq7smtpNjDY2q4CxwLpuTobk
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97404-7954-47f4-82f0-48d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:04.000Z",
"modified": "2016-03-16T14:56:04.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c1f9eb5d.js' AND file:hashes.SHA1 = '96da18e59877c6529ae26e5c37a7d89b0a52b48e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97404-1844-4a30-84fb-4c07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:04.000Z",
"modified": "2016-03-16T14:56:04.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c1f9eb5d.js' AND file:hashes.SHA256 = '6ae46b3d159436c770ccb1d5517aa7007da8786d0668933275d76ae7b2900892']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97405-d2a0-4579-9ca8-49b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:05.000Z",
"modified": "2016-03-16T14:56:05.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAN3cEj2i9DacwoAAFAZAAAgABwAY2FlZjcxZjU2N2QzZjE1NzU5MzZhYWZmYjVhMTIxMWJVVAkAAwV06VYFdOlWdXgLAAEEIQAAAAQhAAAAi2bsKZWhCkH1zVFv6yXO+l4Y6VpXVbQ9JOvaB3jtWid9ruzZvckSJx08U075Kg8lsm2QRn/Z3quvH0mcn7b4xU45i4nH3y6XRY3rUpvbd/N1Wqf6hqIFJsEL0+al8lrkhWuv2oIHsZBN9v8rHjjifrvCYo4EOtKRe3bepnQXwblrSQ5kBSgYqHICqybS3wtFCupv/lKGToOEK6G0TZ4w+P3ZP7c9j27Zra9qjQmXVSJ26lMwfi3QRhRVd1InK/7Vj4WQSaDDFkbUBMf1QxCk4bbcnUEYudXkE7BuCHPKONdHt3Fgg+PVM6ID1Y/cmRUb3hifo3ysmFBQA1yA0Gzmjh8DfTbU6XqIzbgvPbL2XEbgzhuxl3N1I4Xj3yizr3ZB9LD0Ebetu95WbjHNkyc+t/iZqWKcy1W9f1UmllHhiyVDZ+CImou83aswoJfpWjsz7ABALcvNElzrI2CC7324If2sIjFpvEJ89OAea4CWS7eP/YGQCGiBkS2umeVPPe5P/faB/XseXR0e6sjLUIDNcuAGEBdO+2oqTjJuSLdkTpPk/i0pA8vFpEKzyX8WBIw10z1RpKzNJWZK9+Jtr2zKhNZkRqcNyRHsd5w81mqMy4WjE2XbjtopfQaMQwzJ6sahppCd4Iyk8+3TODea2WJY/54XoGAiw99Zdx/Y2J1NSy7+9sXqYmESMRpyv6nDXNoQdchKKBjLndFCKAp+v4GusqHBotek0YkiAvs6HeR5KyWsk7xNVrNW0nfb0mXnTIST39+Fc+5XK3jmfWDeEJ3hXbDStLgs1GOyBVn+9qFzCAm17ZsbaQY5Qdu8iqQAValmxvlZVsoMOU//68l2heUoZJP6E0hlKgqgE3gNhWVtlDvrBPt5+kIRwKXNJ3K2v0Dbbl2nURt3FmEMdqspzs6Tr4ibapDzzEIQcXFzGIkKrttRY8DmvvcBuPD4qOmRP3HqDK0UZuXkcPPWGGuxxQEoLGe0jaB5AYveZOdoD9I8CrGriDSJgkGjQebsMRZ4BUZT+PeCpbNFwRDyDVmg/sW8TcDpYYYBF6jt6KPEMDDQUvKcREkhRoDO7nuu9yo6EZRETAEc3TpT7PP+TbyCTVM2fyLbHcy8WeLiyX5TBfBJjG1OzO4mmwVK4ScG+/IJnvkpKEFAR1wdmltUodNioKp6LwM06rjn+r51HM7Ulu7C00BOQawndhWnnsXc/39UsCeNnjf7v/l1gtqveAemHc4eLgqjRsycuXCZlNKGv4LTM6N1cPOUFaH6fPQPPqB72+vtNb9k5KiGbpuv6O/KwJM9DDig74g6xEKG/m+isAlhpEPmk22C4IUcU7L7s9yVMz9JQQ3BuXk6OIiOe3Lpdy0GRvtcCQ0MOrxMtJL7x0HUlzXeuGv/xmfibvNSyKeXauvHtYIPUuCt4bsI6eHH6oYbqS+XC/5hEswLhVqyZ+CM+Jegjkk6YX6b1ufI6NHzau8+8BApxUOEVMwx6pN21AfGpUHZsvpvfL4RQ/7+nUQqjvIgc72V9UwGLiA5G2sejv2l+hdtlsl11h4qd/biVu77eZOVmo0HKOBGLQJ5HWv2BiDJEciRZaJHj/IqUe/XY1kf+TrWSRd0TF3W12ncBS37ScYDKhegoA1XbyxeSLBorzUL+3wfGlwxo1bwOH4sldJnaXQ6hOgwtfkXEVQOqvCu3vZ5QqnaY5L9Q44T1Dp/klhvgS9R/C0mh8DeQL81u4sdrPouDKlscsvSAnvw4DVI3qKYB9gUWPYeBztV/qQMDiDyb7/HzeLip+TNwoXc1c4BCEi0ln6L6SwGw3zwe2Kh8wOdvcZpdv9cBfAcBxBxEsdzeOW4G/WHk2qKXgD6sV5pQj4KiXHZFzELUNOPw3cd4UCWwKNrtWGZg1xpbqfatIT2KFlfdY8wYzUzPtjI9Xk1lveJex1xDtUbTThZyicPDm+u+MRRKnKGPS1Su1uW+cfiUhrmAw+Ys8M+HFM4QD9zBz4pV14pOli9/6/nFYe1xNwUzsycVctN5cR5MLMIFM3GxXCzF2OvHmla378jYkGyU/Ry28HwSjpl1LjIQ12cM2zEPX1Yu2PR0HJgvruSqXTb8bAgP7fqX97/Wa8KK/UvEUepBEkxbbO12UFGU1QJ2EpQ0/jbbr3ZeUrWz31dGQi0w/ScKE15smLgoYoUuNxrAIMsrJsZPp50oBDmtJgAGDjr1ABmNlJi+CYXwJSPGoHx4g7/vkOL11t5aLCvGkM0TZjavj8eYtf9rTEVCZo5TSDPheSR6X5skiuMk4VPhAsdL6KhyfrWWQL+EAPniQ6vMRxXNGA42kTBfnY8gDLADOfuHPmnZAgq9FlmQFs32IJ9mnacaN0sYrqQSXhHrkHgRchWK7++5wtenB0WB4ZnBzrZxDhU8UntcKbTa654Pnfg9x8x5hKHJYTho7nhWZxjqzS+FinfJ0OdAf8rlrNmzTsnbPaOhiZW25NZw4dLmn5PFW4w1R2w+wILkipdFxdqOuiqxLyAJ/5dgj0BYrWSn//mLSKkbExtWb7viZyD+MrLHdpBTr/oW3f8kK4Qr/Ejz34SQH61qUrhcubGifasX7UeC8QN0K6EPmGc6vFeCQr5Je+hjY6/LfACFkdkrwUqWrsYmDnvZqLxLNNLgW0i+5zkLtG0Cy+bwEgw8+Jp9CTE/dqarB4R3sL3fzaPVMNGkivPFOFhuHoDoztCjfTwKQAdlAx878vCLU/Z5bO3Chq1M9a/A/6lsoZEPbEkBQZ4oJxHYgoRSK/5/KONU5OXkaH0iBGij44vxb1De0U3oDgkDOt42SeSJNmcejHHLURf4r8vegst5QV2r32VpQXUdresKRi/Xu7D7lVvf7tnpErJjMrR04UtHhsnyiWEvlGTFpLEjyM3behtYmjS42kGX89btl21uF0Al3OBAJgEEz9ClrQdk+89bi6mhSEpX9a9ZtrqORFGPO5Wmm7RQWS/wQPXldCqHRlGtTTNWiTbs5WuG2rOPabDL3v3KoYryEYzVJ7n8lhXGgVm/Hd9E6/ziaO4SN20UB7g8m79T92uAyiJ+nFWDXvnu1TOUXhiJZZ+lF7ZgvdL8UCu9wUinUDO8EGU3oVaq9Dz715FpzWLh7YmSkzU1De9VqNkwKcyCedMhL56h7rE4Qgp0sivKx0n9JuXpAbUFbH8XecQI08jNLGjNhibpSKbjBA1FWyU6v6s16U03WOBg3rkEPUB4drf0R/5NRqAzAF/lc64ZtUq/LfsfMUbwzeFzpK1FgbdDXGc50bX/86SVjGGneelYFk/tC0OvObyk+uC0xXwYi0Oo0YrPVg65PI62Lnz9k5ufLeJz/M96WQ76X66paRZ4Kywyqd24cBzbGI0q1IVxJ517fZKg8TATqHoWXd8bxxF6lJsfMdxRY99sK7rUkeFlwOK7AnOu829yR/VN3rZo3XhUqGcYf32cqvDISnHQFd5e4xGWVySIxYmfyDD7isTjM/4ibNoUzZJm1UlPNkpz0dQdx2hvisQayRQNgp9JUe5Bck7Veo3t93Uu3Bkxg1aE15xFBEHERX1XPRtRtR4TD9e3ShfxzNQSwcI9ovQ2nMKAABQGQAAUEsDBAoACQAAAAN3cEgXTNFqHAAAABAAAAAtABwAY2FlZjcxZjU2N2QzZjE1NzU5MzZhYWZmYjVhMTIxMWIuZmlsZW5hbWUudHh0VVQJAAMFdOlWBXTpVnV4CwABBCEAAAAEIQAAAAYMPntC54fYjikcCRG9EKOaqbER5FsiR22ynp9QSwcIF0zRahwAAAAQAAAAUEsBAh4DFAAJAAgAA3dwSPaL0NpzCgAAUBkAACAAGAAAAAAAAQAAAKSBAAAAAGNhZWY3MWY1NjdkM2YxNTc1OTM2YWFmZmI1YTEyMTFiVVQFAAMFdOlWdXgLAAEEIQAAAAQhAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97405-7240-4070-a084-4098950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:05.000Z",
"modified": "2016-03-16T14:56:05.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c32bf.js' AND file:hashes.SHA1 = '4098c0d013b864239a24ad1ae9ffdfa35cef6895']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97406-f32c-4e25-b980-42ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:06.000Z",
"modified": "2016-03-16T14:56:06.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c32bf.js' AND file:hashes.SHA256 = '6635505a5b203775064be39c69a0d749b590c1270bdb37f81682d107ab6ae63d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97406-7bc4-4843-ac46-46cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:06.000Z",
"modified": "2016-03-16T14:56:06.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAN3cEijItBOUQoAAN4YAAAgABwAZWNkMDI0ZTMwOWU1NDlkMzAyZjZlMDFiODdmYzkzNDBVVAkAAwZ06VYGdOlWdXgLAAEEIQAAAAQhAAAACTWBWZ7eXbtSuMEtdGn1zQVg+6TRWKQX+FPO0i71WiyIMz5e0KwjxfeovmBAK9ca+oMpuZYIMlk5PMi4lbtMxRbAHo7ARsbLRyxpcuWayqGHdhbcA2DgHO6j6br9n7kBoNGvSaGNY7vrcb4Yf7DCQcw/mJcblyIjDm3MuC8Y7fbheZPlao/5n77gPW3DnnfKwhVNolPvD//A2Sa7fzYRy0rxnM3SfvBLVbLPsrQ2Dy1eSk3ldnfTM5qvahGZfMU9NIlhMeGVpOU0dfTeXIwgMI1vNipzyROIDY1Qc4RzI/4VhK0DYAjYVTCa/CkHmIDHhbuezJOblrpUZm1AgCDWfjfg+jJOBn0MvMV2FdprRwVxiultyczOq/bT9MRLH044XbZlH6u/lY4QljJDXQNoD4VIfjc3vbnZRUabaVSJL9Zh0L0/rIYsOxZrK1NgaiwitjDX08KQqiUCkTzbrr7J8GcvTRcJv6HJgQm0JABDfgUlIHz1JdWWdEtS4iwGaJm1fGZqh/jcCTJatRAFdJHrNg3CviF16+6JLlSmiFeEL1rTf9tSTN4QR2Uy/zXekKUkbnTVBjuCasP1ILZN5kZDyvRCjMifYG99gfZ1uZ/ibJBpJiChjZNQago5lkIUWHSX0I7TvPbSCX5sF0Ezk8io+C/ZXfWSV6mw1DGkZzniZGRADYbpm5o7nbn/fC8jm6y6y38vvYqRk2BBek1zPbkDfDni2fWNlg9sGZthGVBG/IcjnOGnc5LBly8OeEMYBntB0hTS3PlzYDSqkWBVLHuEj3XQd8r3SC3L9i2PwnE2b5YSVwJwbdyn+o27q5z59NdCjGkr9VE4AkiHVQqNQc5rILo4D4taV85/TH5oDeqMKS8MfGijBp7aEblmG5FothDz+2aT2EuY++dcD8rP0UxU+E6n7WtpxAJnkCL2wIt+LNbJCMiOgyoZHbXoBCeMi+chBmQ3GP7lbEuespSc8+J347khdsPvZw98iNWoe3wyBiFb/ZdzrTcdIXxZk7O4hIU+GaMN9Q9je7N+V7PByyQUkf21uDtyOLHL7pg4pDoutS17X9TzlD7LpfmIhM2dRRcWUegBeViKG7M5/bWNrMPMWi608WnonPidSeV+ZMeSXe69CF+DJpBlf5dyNVin9PPq7TtUbvdZfUr4wuKldfYxB/nth/kC+qS4B+Fz7l/xAxlZMfFfVp9EQdheYJv6fZX4IWAbeOB0dcbucIPVIVt1f8XyhpEIxlDsH4ZglSQch/qjROgkr4SPNIcS19P8QEBOtcR9zs8cOlq5779viCIJ8GXrRwBqh1/VTKVtJA/AEqoGJqgUi+gkphmQapCNHMpdOh+6Qlz2IOKDK6OAP9/WoHTMBymJu6sU0K4c76fFjIa/NNDxyOOOxQWhFNcfF6RCHduCDi2ESC40dLAvZIHGvFhii5vjhaBcBb37MnjMo4yGpRapSdExky+YVackjesJn9jLTFA18mr8hS07h1sPh30zH5ENoZXXWi6CXK3gOnwyzD664f/xdA4nyeB9Eid5Y/AKuQRAb+RjbHrnQAnXfURo2hEUp7udi/JZ+zM8oFFil/w8b5f5xedSg9HqtfdysFvFbhBo+3AHgH/+xX84V4UZpaT8seFh2X2+Tuhy9ewKq7QMWHbyuzLjRxEVLaxCiNy3eyNnkZvWxzUamGWRDlFVTK3sftqX2ROARYTss0aNmYdcHW5qyStQgpOxPx3mqJ7WfAky9fuy5VkMY7EDWyGbCsQ5Oy/TCvOeAxPWazfUFs9CuVXtlcto4+q9g62nMecBtieMsRwl2XITj9I8zK03iEFrfmKf0ensgq8U6fFFUKcFtgjogNEQGAB3y9wtSsfCtAEFPJ4tpfTotcmzOiFLweHrsGc71RzG8SYm1nj+S/0TSjdL5UuB96Sa5MprrPNr9alJ5S2QDWOepfDQINOOxVzBxzz6NFVw0U73KtzHccyowxpjkAlPEfMecJDqvg+Eohg9pnCLZMNfqXWTR888G13CmT0VjG4mgYDpFqJvLVurr3GOdKc1teD5+tFIs/cj66SrzhMo6x+J1YJkUMRIVAhJnvbFcvaf6clofjPCP8jc7bBcE9zYvDwkZAFr/17c8brtBxDS0XKu8tqEgSX87EutdRV2sNNkEHghAR1u9K7gX88oxYR3eirBIHC/DvEpoPyMShso+HIGKP0KrKSY/5jISoEEYSzwNvqQqGuSa3BXkCEHHrIFP66XbZFEJo6XRsmKsoF6C5ZQXnfOMGpRellR52NQbR8/F+VffehFiRkU/WcMko1O7fyg9dXrLJLHrEE34FoAmd61xQ93T2ComCOTf05ItG3dnWyZH8w+S0/x4kdzH7j9DDcJPxo9AEM/Jsn+gHhCTWvYX9awKeXSAdWDnm6XhhjhKxM3vK5YSbhQdbP2tMk0mOHwuVX71JoLfPvzRWZN2apJ4NsIXmgG0vOKmITYMP8Poy4Cqt/BXmRiDDJkc97IwALPhXJKh2VADDqXK+VrnCO5EvOHfyZQj9zX7AwMw/nWxMHM5r3LqBPpCOaXiGvYBVkls+4iYBPL/GFMpkpOubHly+cJHyjs92TKq0LhVZONGOll8OrrjvJOkpCEl0YJ6tx2o/FPz/kMh1juPnifa8zwGLp7HOiE8dzQ6lvUqEFrGash/5Rg/NekSxQsfr/4ftJmaJMYzMecu1ENqM7+1xXJ18FTavpAYKM1tFnEnOq9tXPwmnVZ1Vmvlxg+OJGxSE9EOSuz+6VueVA8VkTgX5ePjjyFgSWlI7BOApEDXljbJ4+HMehc8FFVfwu3Tuu3pkwx8I5vojAv8C7k3DqMT2V7/BX4Z1FFYmsc1jS5vYflvuHpk9KM+SAjw3PoXdlKEMLbXqb5vOIx0mT1v4ymx0QI8htuCw4cg8HKM36JjdaE3vCc8PlukP0wsa08nZKCsXFMKmBB/NY+LC6pfXuXtuZgZYVJPlreXU+GSH2yVTkCi1SRPClPCbd8iUqh8BheRJUYQBAoGQwSqthvKz59wXQg1/X1YMzVLQM+w8BiKl5FFPwOG+uNIknkYjuL8hm2CWPX1gSGrPUC6JtEQ/41SVS2ltMPNcuUTzB8VN4SL7fhrgxwlz5AadcuZTr8l/mOmAkjmy+DDTHtLOQMD/WZCyMMiAMxmiONZIMPE0VyzXKtsGLWclOhEqGp1UC/VQ9CyVF9MWmgz9hKGQgCnl5VcnMXxeSyrOEk2fEhRqTqjwEpveb6onlCW+1vJQWx+q0wYQ0zbn8XlCWp/tybDRnOt/bE50TtdKeUiaaKQlziHaBhCPQrMe5JMG5U92kDTknDULIHkY53ybhxKBiDGuNXLCpguaHJ7RlZzitnAA8eXKjJYr1eecGT5iCUmTf6ZsvSquLWLOt95irky9lRwYV1wnVygW8+MBSc4XITjKDjbesv123XSDWrCLW9BIyyH1q8XzcLSGRxaIucUmMJ+Nsg3NQclRCsuAf9NFp7/DTx/7pu3k5y+Wm4rwL2OCxjb+ucf18WVhVi9VBLBwijItBOUQoAAN4YAABQSwMECgAJAAAAA3dwSJbq2YMdAAAAEQAAAC0AHABlY2QwMjRlMzA5ZTU0OWQzMDJmNmUwMWI4N2ZjOTM0MC5maWxlbmFtZS50eHRVVAkAAwZ06VYGdOlWdXgLAAEEIQAAAAQhAAAAd7/sJ3IMq7TW1tTkGqWI01gq05SpqVqqQApp+qhQSwcIlurZgx0AAAARAAAAUEsBAh4DFAAJAAgAA3dwSKMi0E5RCgAA3hgAACAAGAAAAAAAAQAAAKSBAAAAAGVjZDAyNGUzMDllNTQ5ZDMwMmY2ZTAxYjg3ZmM5MzQwVVQFAAMGdOlWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAAA3dwSJbq2YMdAAAAEQAAAC0AGA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97407-4554-4663-81f8-4124950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:07.000Z",
"modified": "2016-03-16T14:56:07.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c86016.js' AND file:hashes.SHA1 = '0a9ff284c1b9d05688ff2a8c312faec947996ca1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97408-8864-404b-b96f-4975950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:08.000Z",
"modified": "2016-03-16T14:56:08.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_c86016.js' AND file:hashes.SHA256 = '342816d01a9b2bfb1aab5308bd038992dd7e97ddf277a6a1146fd5748758531a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97409-99c8-4f91-945d-40a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:09.000Z",
"modified": "2016-03-16T14:56:09.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAV3cEjOr5NfJgoAAJoYAAAgABwAMzJiODUzMmNjOTRlMTFlYzJkNGQ4NjRiYzNmNGEyMzBVVAkAAwl06VYJdOlWdXgLAAEEIQAAAAQhAAAAUFiG+T4rUBMakCA9UBlDO06sdbO0UxekQ4HpTF+StAdkfw6Rw2njbThHDyMCikUVFNq49QqmswAMeiDbHwvU1aNUqgtv1YT5z6CsiBbrG16r9brpD9YiDlTK3LgocjYBKOguJ8PvKG1ooYTVl5Vg24QnFj1WhElorxUXKJquw3I+H4/51XsFP3S02Hf5zrPEFS2WB7VOOVHW9hOD0kpHrGX+pL/uEhGTkMAbzoVj4EQn84TDl8wobGqN6mB343XHjUeX/XpRwtUtbTDIf/CPacmX5cqegm2Gmc54n4kAo/CJp2usaDzXTN+BudLTM6k3XcwpJwelX3OCLGgcFbkbW91fmJJb/NKgW6xk3GJULuFbGtccmJv7/kpzh3Eapn7yGacZ1ESWbgqSdamIW5eUEeRFGcaYAiT9K0DKW7VOxCaBvEbHnIEp6sz1a7omVzMh02Ziajc8Fcv2fS+Tx59qUXwidSFmCg5SrtDcxKx5b3EAFW7dy79WIEiBUBQ51Q/Ip+JDq0h8AMV+2vpYe/L9jjmGlXbWn8nIrc+Xs4syxyYC5gSzuO+J2zxE0bwgYMjvK5DpuhzR+u5JSP+GwV1FryHvBAWOh/YD+gyqHeBc1uot949+TRX6X29qS2F+0y4k/L26NBiCi8khZJ88bMdzGdBFQbWnPOvgUnhToVbMhtSoXVlq3nbs2awYujlSrPnVYQ9yl9wv9CjsKFKW8QVGsd1yhDvLQdZaPw4UFuMD/R1u/58u6bRGBZHTQYhF+owlIz0fkGgw5fZyp6eHUA3y6+KdLcTCM8Qy26e1Q7+ncMPNTAfZOSK2973Kc4kkajh5AlUC9excfnF5iHcgVOLgEsIFYv5VG0lO6JVnbNyR8I31/0Iv0tL8B/PjaN1xE7K0L0vdZiIngbxjqhoofv4JMRDY0pb6gWWgxPay8D7LOCs1aduGCJb8llWaz5XXAkm0a972l9DCpbm66UWPET5ibPFDbG2roZlenzTC4727cEOo1L/LhR+Vt+VZK3Nl8XNoDhs6ewio06HnXlCNjcRXUEribwEh9BkmQxrh1G6F8U/1+abXQk8R00xtod8LWQa+g10OVwv4zBv47rMbaONVudJEl3buHbV8W07qZoGSEaOuwd4A6YM/XlYOB8xXKCchmpFhJ/hdY936vZ51AAd2zHr+c3o3WnXpKBiu2oMovIHAx+j1It2EPGQyZQaLdKb7xlozErcw55rKA49+lAMD9k2g81L878VWHGcl0bu60KAc3D/xfzCg/KAlTjYkZGPRS2C7rsqS7RI6M5VYmzYGnqxFGVq/bzOFR7GZh5uPvt6wYrds02yOztDvF0sP+yQ4vGgRjih9UXgaiWNy0Z4g/5an96dvKuwcrKMDbcvA7u9EbwvlGfwSOrSlW8/bSk+gPqL6IGHGrfDrwmFQCGQp85fo6sw125oDhAXe3SDOTMyD0KdjddrLyg7JqOaLCAw7X9cRg3arCV8gBYRYe8PC+tgUzM7Wh2asdugu/MqENWDVPXmrPAl/NjYd3YtjJo+Lrqwm6Tr0uti8D7Grtny99p6RRlqaRvBPgDp/nQO2ZZGPT1R5NusUL9L8JTFmICh26jXZfDYW1jRwUftzNQdXgzfYOfMXKjK4dkI9u0p5zKRcLFFmvXELsF7E36NaJXlPY63K+gmJLvIlMKzOQCuYivDZI/Ym6Qv+EsGJ9doOrEB2I1enZZr4H61p/nY1ZHZLJQqbXYkxUG1Us8+vPlf6zcZITZXZppFCXBhE0zQs63bNLVRxxPWhnVJtA+9lhWKpWN27Pl4Yg1Ws14Y/Zz4BNXuSEtFZOe34rEVAc+kIEnFp4Ru/ygFIsPXdvVelJkDjtFhPVSYlywTqhDFhncXLuoVuz9zXhNi9UNw+7p1osz4n7jG1BLfN6MBWrBUOHKHxdEvoPECR0Qpri4uAciHXk39pR/ahQBOmPtrkxRUM08S2liu0A+hd5IOfpQUISdMOIonh+CfjSahNqJISvMNpAa1ngkZxNFDtEBBDKBrBTtqmGl19sgMWvwKOxE7OGn30AkyLFK7U/1Tcpb+t8jIEdkvK8IZeSocMfujZ66M5ruPStTY8xGEBl0TqW6UhBQhJU78EtMYRZ4MUBVlTAPDYS1RW7dF2AEfkS1tBtiKXlaw/r3DX89Zky+8zHdHFaEFhxUkGy7yDsHbyitxizn38VSbutG+eC1aVoRyov5bCBd938YQ7SpD5tPCsHfbjvAt0ZCMz80sGZu2esrzXsF8UR7KfWPTbeU5EO2CXUWTnz/2MIGyRBWzOei5YJisMqc0Nn/qLEEFOqax/Tyo4HGNb2kkvjtBit1y5rotdrroPgszIi1xwUWcIwWrs99VxHAGW60wZzJOey09YaPZn+mID3Vlj09H060FEQhHkt3hnKYe2mpCTq+hHNrlggup+r7DMKAkphOUN1OaOAFF5Puwkf4Q+Kx0PSp366WxB6qxoJsNCdTpjHwi8mMz0oGWRWH9JZ+WzAP4PpqKS1fhKenAzxCx67finPR4Iom/ggEEeIfxTDl3/CrUrXFChb1gQfmOPzCnUUeLMfJ3X88QUO9965eRqY3sRWYFYKaFu+kQmSGhQKsf5aheMEOBB87AVZuubepLUYSBrmmwUFw+zCviVnFh9FA2zeYY4wfydQgdKWWNK7qzL0jllPyW0Nsfve515m3mY3dB0cB6Qing2D8ebWC4GPKwCwjtbRRwOqjwOt+zg7qajHyRb+RFXxQuQLhttDhwDM+rfHNy1Ud8cE6b4I9XpXM+wxwTWz6SBvfBjJclmmjb3DQzQmaMAaoRNDufuWQ5cBCRHVgssctypxJKuRRle/GL81Q74/taPtztQXFgw1XxvmvAvSvlvir5PyjM1XW4cack8GTubhztHQAMtvf6WRpX9t4tR/qoJegmnUfnBG8pc+AuDXvcnK0E4WI4uqPN2XRQQdhSb1Y/+PH26TAy+S8TzzrvnFiYSozUgUs4U1x1o3CJ4ds2YABoEbwjW7T2BT9dSzGazjQSoenv1Fhh2pkplRpkRurUq+7uK2aw46cSOoe7Qf4sUQNrpG0SMVpfsFAD1rW6GLTmCtQSIyeAZwgwjYxuaX0UEoAAadipI0/a3Jlpe7pNfUnoIe0ZV1IeRB7L3g4RBQOVvOQruHO0AiZ+WFzShTMDrYXT3/QfPRkJQ13qXtJ3qJksTwc2CXdMptxxN7SXxRyEAvkGu8wtGR1NGKGQISoakXxuvYDBQwai1UdfwaOfHsLNLpSld8HfUOo5pN8i2uIe9IDUa4M6ILt7d4jBuev3OvBMeHeqYHTt19Yugr15LJa1CAjcgufLqD7u7bpWVZL5NADJeoWyDZC+ss05fGdr7ngYe+zxHb+fND3aNiPImFHKsOdzB4azpaS3Mwq72j4DvSljkWOKjnhyQf0Zhaqplpf4axmkr04mURpSvvEeauOZN8+Ncbahuq+ffUEsHCM6vk18mCgAAmhgAAFBLAwQKAAkAAAAFd3BIh4PY3RwAAAAQAAAALQAcADMyYjg1MzJjYzk0ZTExZWMyZDRkODY0YmMzZjRhMjMwLmZpbGVuYW1lLnR4dFVUCQADCXTpVgl06VZ1eAsAAQQhAAAABCEAAACia+UCH2ckHaYkAos6NeDyLdXPV/RIytcIoj+nUEsHCIeD2N0cAAAAEAAAAFBLAQIeAxQACQAIAAV3cEjOr5NfJgoAAJoYAAAgABgAAAAAAAEAAACkgQAAAAAzMmI4NTMyY2M5NGUxMWVjMmQ0ZDg2NGJjM2Y0YTIzMFVUBQADCXTpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAAV3cEiHg9jdHAAAABAAAAAtABgAAAAAAAEAAACkgZAKAAAzMmI4NTMyY2M5NGUxMWVjMmQ0ZDg2NGJjM2Y0YT
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97409-def8-4796-95ff-4996950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:09.000Z",
"modified": "2016-03-16T14:56:09.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_cab2c.js' AND file:hashes.SHA1 = 'd32d9f976ef12793b9e129441959c4782d5e2c4c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740a-b204-4418-aa0b-4cc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:10.000Z",
"modified": "2016-03-16T14:56:10.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_cab2c.js' AND file:hashes.SHA256 = '6b36b93dad564b7246f1a7c8df30f9824be79f3a9a718a959ffd6700250c0333']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740b-a7f4-49c9-b61f-48cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:11.000Z",
"modified": "2016-03-16T14:56:11.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAZ3cEiN8F1c6wkAAJ8XAAAgABwAMGI2YjRkY2E1NGRkMWJkZTBhYjdhMzZjZTdjODdmZGRVVAkAAwt06VYLdOlWdXgLAAEEIQAAAAQhAAAAUFiG+T4rUBMakCOv6ZR+TAqtpRmlnZEaXjJbctpRptCqwHIhghMak4CeK6LFoOqSaQMRAqcYRPDTprETfyuwZubfQHJTbsuebje5JpWMAKBesRUb0RwE7i9hf9FQXAQHs7hxuKja6isBSJ/MOWSuAokbmJw67ZVSRSyOLTfKC6cuJX718rKixpDMBNyAR+MsmAnGnALmPbnB5rP/t/dWv0+zRsg9EiRtI0HR86atnEVNgajjMVZvgosweyTPEYnxE2SSfv8DYryttoaXMPvIsNeKhjhK6NQW/lhOEnLI0hJaFL2DPOxDX4Stt29gBLyFUk4oompBRuU2S7K7O9vaPDD2yQxBf3zw1zX8q2v4wNuWSRyy1VIaO/kOvwmnrvVt+OqrEMq8osiDFZ/bs5bC5aqcVFjnf9yVDvr+ioHaKzzZoWhSaYj83RKIHdciY9NbLe6LlOBOy5eOwH/dAdvnISEKRTIrGplhC1Ofa3p7i2ouhLewhdC1sy0XIVqJ74WPsnpPb0ImoW3bWpp3CYtQ8H78nEMIHm6zNvqUJEMLkYnnNv5nkpy1c9HUo8Y5C4E+FpHXiRCYL1Q212YOCIP2KWO6IFau1WoWA0MQbp6wNlJbBZKJMF+jXbpokyYE988/LIWQ6WF8ru1f2EP9E2CsMoGnWiwWp9wS2LQVVLiGAjW3m1niqz38o1dnyxMJklAAJeUyOBsEcXAfwRQnY5PMxCCF4nItvzQBHeyVuzRh/et6uKMpGDKoVcnpPgIzC/Kn4cP2KUiWLw4RUMOwllx8J29jW1tp3kjW7aJNOSYL40vjPgTeFFtvp50/qULh1aBfC695NtKLviH5gbtlQMpytYttIIZved9IPvlsbNI1TjXs1U/Y4GIL0rgHEzjIlnykpuVN14Jll5e+05xWLljon6LygvLZ5YRmo8NtNx87ug8Kwh5B7qSs5NXwL7BOCbi2MkYXnE5GJA+xtOOnwoeJhFpTQeex70aBVqHWab1+tDk5BE0ruX03t99ciuh30Waxvl3XnruRgP8IVy3d3fReEdIVm45jiOIgIOVWZ9x1mJZIuDD97odL8UQZIuTRCMpQzVavl9dja4tURNwt7ZPhT1YcLKpCCpqkNtXV2SrUm4OCj6uoT1KbDz2ZVCvtjcXfer1KZas4I6hh+JmZFy+/A/d54eidqOCnHvkCrCJanikCV7lHenrOPmeGtTt/OyiU6bHEKIww9DTJBydenx9w/e9P9FwCcctTBeQfbvbfMC5w0BUgmShGpvvODzDG1UVv1KyVJpZLZkkZ73w/SC1Q3RxSlvsvHzSxkqenjq2kVzDB7iZhow7xkl3AYl+fka6LwWum163V55YN+MAJb7jpsXUWMZ9T69vEGFYwkn6Mm7MEi6JJe18yWKNs/ts9U4FaJ9mV1IU+VAmI2Ja55o7iS+7ewTf7beaZ0sQq5WyrH2t56AuAAHnlc0jIocMO7nyJuN0no0kr8zbusUrelx9DlPGtOx18PQ9k6bHVhubuHtimOmmYOMR1+F8EC6rFAkHTNKZ5W+S4SwNqkk+wU3IKAZs5mwHry4Ylth+/nhv1RG2neTBmq8W6BMD/4EMTrp325D53GKUu1MOspDMGFBjiXqbVZTehQ3kTIrA7x2V7uhv3eicUDrwMDHJIBLmu4J+qHqCMPZiGvgnlFhUn6oFVIXIbSmKktSMJyhh6iQXV8nRsRDu8oZdadWEYEdCo6QrhAg71x4WUI5M4STuKtgKj/Kh+VSCMvytr6ddB9Dh42UpwbQHQyYrjQSmjCPicfjBuOrXtLkqDL52pwHFXt/YoUZxkPymH2HtLj9KDJao0Uqjz59BTOLiZGIv0VCN0dmmCb5kHFNtO7dTRB2Xw24uBbNXDcvd+FTT7YaPlE0+teWseiVm5rxOUpnnMpMq+0aX3DOdLGxDQzIHUdfeaevweX/idAaGz+x9lQXK0zJRV4ADkfqdpc6fCjRgENuR6eQixOZZQlIg7krtVzOP1gjL98nSrNznmBE8UrY8XcBnybyNJgrQP32Qm8irJ3gCXOXq9uzP/SPAxyGkvBkV6drnKXrvvdNsfTEaHh9TSy86TmaIHvf2GKrWGuCY6o0823+pekvkM5x+8vvb8XqVj4S3ajytJEuurMkexW7R/GCjvrKHXjP2HAzLhTRZWx2uHKLtd0pU/HZZq9r+ldTqH9CSU6YE09nBXZDI1a5PF+oRPiSYNUzjkOhcSwFDxVlhg+5Q2J/jJD7A9X4ibwazcv9vtTsbziFMaoIPm5xeWwagaizxOiLHvdKGev9ycKlzqz5L4nTDBUcFnWq+2wdhP+NZIpUNbzw1OWS//udTDOWtteVtYskP7W1QUUPvaV8MicXa+HClfVVaY67Y+eSvueJ9hZUu2MHknbTVW/8noMwrJqg7sfQ2gRGGORv6ZzyjOC/PVQaRdA/2BPBobFL8SussgS2OOm2hRbaWsZINH4SsYRKYTieTBGdjaF+Ac2JuCrq1FIhgsh97ihb/0poRF6suZkVHy8M9Aqa+68fThy8nutNRo24C2S8UsIWUIMGGN3rKEwF6gk5I/g5QmkA4pBVjgaHexrBqt7vkmjGvNIPHMu3WzVR44Q9svy4C9hJYNk12b07nX5ITAAM4P2MvlpTnPeNjN8K6ErtBfjT8AM3sPO8ONtu7o6m05iaJc7bMwGJuCclXnShOIv7EGtXIKXqeyWKOLxP7uNrURVpZM1paGNldX9OlAOO9eLxDKkXy3e1q+Uz2mVG6zT2NhriXq/U1ZWwRK/FEO+H4SdouUR+CVrHkIDUVKmnLQ41480tNqKA9iRtOXzeBLh1kuSQBAKcXC0fVWGLI6aMhfTWyRxLf4U4uKMYcaxVp9XFfTLbynC0S60lOzKIuu4qOgW/htHVZlLL9XTIDC/h7LteDa5GlaU8yIkmiUnmnmv08WZot6N6LAtRr9h+IgGzLhhipq3e7J9RWh+tctaTsn4ABGZyxfMkBPJo5nb+gh4I3jkUI5fPgi2p1WkW2nr/O+874v+xJCne8jTyCh7ynT+XND1z1pkbSPKirW3d9d2CCQD804yLJv3D8b57ufN2SF1D8Gl0kKlxQKvC1ctWnYtX+wME7CrPUb4NrPKH4zwCxishcdiigfBrZQDhWDagSsSOH/ABh5ZFxxhXsE+JJaRrs5N9+HPb3aw4v/U7dJ5NCXNHUPQ6wSQ5HY0TQxhRL2+Za1CB0bXlBPYN1GF3NU89zDMRL/BjlmlDIiWjAMhIauYKXjhc1pDYMjpowwCUGi7g9pScs+lRYYxS0Dz8ztgXjU3utJvFCzRxe9iCPG/7fnMmZRQeHk/kfKfYisJ7wfKLZpswx8CKaugjN8bYzMcMkg/oMWqtVgGyX0AX/4Bt1L51BLBwiN8F1c6wkAAJ8XAABQSwMECgAJAAAABndwSEX71ykfAAAAEwAAAC0AHAAwYjZiNGRjYTU0ZGQxYmRlMGFiN2EzNmNlN2M4N2ZkZC5maWxlbmFtZS50eHRVVAkAAwt06VYLdOlWdXgLAAEEIQAAAAQhAAAAomvlAh9nJB2mJAGjwYPzVbtVs8g/SEO9PDW26EF9MlBLBwhF+9cpHwAAABMAAABQSwECHgMUAAkACAAGd3BIjfBdXOsJAACfFwAAIAAYAAAAAAABAAAApIEAAAAAMGI2YjRkY2E1NGRkMWJkZTBhYjdhMzZjZTdjODdmZGRVVAUAAwt06VZ1eAsAAQQhAAAABCEAAABQSwECHgMKAAkAAAAGd3BIRfvXKR8AAAATAAAALQAYAAAAAAABAAAApIFVCgAAMGI2YjRkY2E1NGRkMWJkZTBhYjdhMzZjZTdjODdmZGQuZmlsZW5hbWUudHh0VVQFAAMLdOlWdXgLAAEEIQAAAAQhAAAAUEsFBgAAAAACAAIA2QAAAO
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740b-5e6c-4c8e-8be5-49ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:11.000Z",
"modified": "2016-03-16T14:56:11.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_d3ea70c4.js' AND file:hashes.SHA1 = '4742ba46e36f5c9e12f35f684a22943147be13fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740c-eaf0-4c32-8a34-457f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:12.000Z",
"modified": "2016-03-16T14:56:12.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_d3ea70c4.js' AND file:hashes.SHA256 = 'ddcba5ec04956c760aa86a119c54942e3e9baaa282eced94de87cb7eca60f422']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740d-7160-4beb-9250-41c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:13.000Z",
"modified": "2016-03-16T14:56:13.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAd3cEi+bm8RAgoAAJwYAAAgABwAOTIwOGI1YTI3YWY3YjJkODg5ZTc4NDM3YTQwMTFmZGJVVAkAAw106VYNdOlWdXgLAAEEIQAAAAQhAAAAi2bsKZWhCkH1zVVPRxvGg01DLY/7vlg+2EYRlr1RmlL6HDpdQUTzYBij2qXYRsaH3uOJRKe5VnSeocebDwVEQnJDD3Z/VAlLSw28l4EK9bk2W43VRh9h3nMLRUVPdNw1DU6P/QdZtFMUG5Km9AxOpK4eQpjgZdmiJOMeB8j9Hjdn9ybOGEoVJouy4L1Q+dDJTuIRzOHrubJVgPbDCwcr8E3bjC8j6KpR0sZVrjfN5dzmW0J1pGGtXzGA9pwI1jokBg71TUo0LFp4wCt8j2HWmcS/dQEJ5lk7V9t3OjGgFoCFhUIc9JMVY9vZ/CARxyjGWQzVGT8Bq5Geg3djVaEKF3JjFE8LaL+2huQR6z0DCDNbfSvoGSSYcQ+q77+OIrNRTAXPpKlPdiS9JB4LWwaDSZM77RnR3bVUfWVd91fgR4wpcU+R1whLnnPup2LD4ElSj59ZEuA57TJ8Cc9F2cRXdh5TMmwJwkiASnLKIoVSNyDMIPs3LVb+o780FnYchJTYJzjLKuQexc/5R0k/MShL2RuYJsrPcuYNVEi6uHa1V8UipAaB1oldX0eKcmEvRfnzT6EZZnphVBAr2Q+t2aZrF86drRoAiGr/WD0seIec5NcyXWcoisrefrd9jM3bHbkni+J0SjGfF1OW/0pQGqhMtJ0nIWmPXqX8SxN6l6tI75InoVy99LiGlpmz3Qi1IHvDHjunc1eDeOQKylfE6e2qyVsPBcveGpiuv3ojUDIqggYbc/CD7skiwSZ2yVX/E4J94QGyV+IjKuZYG0skvrw823/U6x0GP3T6gPZ9QfzxhS4JiQF3otX3lD0nytRS/fHbcANJjdAvuH8+27dENmvh+mJWhEIgApMSPVWJxUFAg6p72LHJ+zb+4Zr54u4TPi43CYF1Os2z/A7BxyfxlUzelzY3dr5ZItqL6isnyQJmFrQ5mpgLCiuDXgRDfJjbuhPpUZ7TEd3ACpnPSHc+N1OE8JdF5nEBQE+ANvk9eSbTQW0mgA7LzSrfL8lc4O89Fc3rQgH5Vt7skL2M67WKmgVaDjOrK2jZdFgmqfdeYGECuzCmwm0vb7nRemWj/e6KY9t2sVQgG+2q70AnzSJ413lLgEkfqcC2nku2erB0TmuG4Gb+5n67RroN7UIlS1IP8tCQqingZzb46jA8CP87a1hHX9UK/aYo9YVDCIlaXM1AOXuG4zGApaDOPQwuYXR8gwW1wvACzegS2IKE/WHhzh01A0A0bQqWpNDTgkLbGVsvq9uScN0vDc1CELZxpNm6iOibNzlnzP7Ku4lKqqHF9TclUQYUyr1gZZAX9w/unBI++HVbUBlm6qvePz0eslfEPK+pQeHhKToYeKZ02Mz/3taqpAYkNrryKDULv+2kq2a4FKNjwSYv23o9ZRp7z7Z2oPq4yXfTvalKZCegxDbpln+CDZStJPXguJkAxmcgU81+5I/87ceQ6Wx/UEpLH0UhRVLaIZ9cJbXhFDc3ZHGQKHyUl5H9xgj6kOhpboS0ZxIXrgP2JU6jtl07ep0x8pfTx+nraxdM2feQaD6l8T+anOaKpi8/x89KJg/qcIzw+8qM9Slj14VYUiv6HpboW8Ov66JoOvxvrbDExzN/FfgVbwfkcwEI5KWaPRisM2O/8xE5zQZCEt7iIEtyd+lenKtYX+mOQYB5PyLNooXWJiEdf0Unuy6Y3BJNpNOa0SLkN3KFYRRdgUzI1O+APT5vf2pHtEcDfFRdrDqdVM+HDvWKYbSWg2O2LRyeVY0sbjCdJTCge0qQ9qawb1RxgzdKaLDtnWA5cIMOmpeVN3wmt9dtrMRm1VuK9T4HaYW1zSD34K4nM3mbUjCBFfyYlpuFGDryxNMhVdfKDsx8Cd+5KxGULUuLcmgkAtVvWc66xNcP0Cb+FyIjSvzusYLLGnwOT+AJO/B/WlbcC7PS93f2nQQq+RSXWGzyAm4oFcLcFTCwXyDvQizwzEMLBQofVVnViyFO34HKBaXcm60UNR6afnQrro48diFMcDBV7CoBblkIAU4N1SZ5a9Z4tTFC6niiFA8IZwvTlTDOXlnxZPgZ/urPv64V/mQDQCjPdeDOPr94BKMKVs3vcySodmHzuD/idf6VPbe6C40PkLTWjslEhcEXkC7N1R/4R2lgm5HUpOpR/kBKBoo9PnLiiGzGGQIfsVMFRSZD5yP+aRRhkZ6/pxe/LXh0hrs96DN1cHE2Grz/W0LhwbIeOrcUrkDwyHFmjz6aC4bK3m7x7y6e3N6AEHSfaBbAzjxRe1PQAGjjZudizaUtNl7mMbPtpMAsFnJUtfxXvY/jibZi6EIFB8oV7ndWTALfSlqLr/bu7aYQQ992FD4lVeWnsc3Jahez5k8gFRZyHGJqfzsVaXNpHhiFhFr0ZbUHMxUPDLmzLjt0MMooApOq3lrGfnHiv3RLfgKTbOzl6TCLMc6glPI3B/Y74lAJ5MZgz+vKNCEBJOMTW0c4pZT6b488HPB8y9/yUqdmrKxke3+TLlbqSyx+EIJJnL7q2DjU70Ja3YrOHMcBwXvrpCFS3d8rqnz1AZa/veVoFKfjcklsSfF1NnKA0s6eXxs4xWTnRHwGECUyKZVdNum/o5asNPALJHwBIGNu3CANB4O4wYUJYh+qtf39ArWR6ozjfLVwr5ui2Mc4cqmYSFxtkEIR42IOTnsFqzQJEpMrHFonuauyarLxFx5o0XwUqf54N0p3F+ugCGqp7fiXW7wacBwdtQdzvPE0FfEzp4lP6q6nrvHMBGYngZ6+OxNyW43VOEDzypx0btUWyLJts+tsWdAgNs7E9RhfK8jPtssgvACZqw7V0zn2eYlL0c6UZQHgQKWM5qOzvhwD9TQGEk1wLpCE9hlPr1gWJsbpDZEhEjmcQqlohQn8niiarPFpZyoNJGP2z2BFIYXtThlGR7cK3HLx8mUZkfGaHH73JptqaZtFq9dsYLow3WmzeE3CTiLc0+RX/uv+ePTRLC9xCAMpOofkaCUc4er2+6V0A0Q8nXipXbG3QNdyUm6/+VvwJTOnpc+XcIufnpP2ZTv4g1A+6boF8KxT0EqSR7cRaO4YnprwMqh652/dsuLAZMElMHCHUYLyHcXhoBX083Igj+h1Z5XG05ry3Yx7SxKzjrqcv/oE9bjYLIdV3CQsscop/XSMnFcBJQljuATJa3ttD1uiBKcRyoP7Lcvjjlvkjb+df3hnYUWJRxZ5Twgqxf+7kkVmDxy8qhEprnr8232puCWS7AZXr3tRqoFDc+pPoXlcHXgmuLP0OGYCyAMYy+IcTvTFE/OYczrIKJh+0+Yqeh0BXwvzkZBeKaC1EX01AU6pL+h5pMAiFQ7HV6SAq3CLZ5ekNQNSIwH9ikpMp+ssAVA0u9REJnDjIOXQ7DbYaUK9C6NWb4NZRPuj3S7c+JOMwxu1PP/0NSpwUEsHCL5ubxECCgAAnBgAAFBLAwQKAAkAAAAHd3BIvdSgnxwAAAAQAAAALQAcADkyMDhiNWEyN2FmN2IyZDg4OWU3ODQzN2E0MDExZmRiLmZpbGVuYW1lLnR4dFVUCQADDXTpVg106VZ1eAsAAQQhAAAABCEAAAAGDD57QueH2I4pGAHUWTPAxgXOCDFic+DPic/5UEsHCL3UoJ8cAAAAEAAAAFBLAQIeAxQACQAIAAd3cEi+bm8RAgoAAJwYAAAgABgAAAAAAAEAAACkgQAAAAA5MjA4YjVhMjdhZjdiMmQ4ODllNzg0MzdhNDAxMWZkYlVUBQADDXTpVnV4CwABBCEAAAAEIQAAAFBLAQIeAwoACQAAAAd3cEi91KCfHAAAABAAAAAtABgAAAAAAAEAAACkgWwKAAA5MjA4YjVhMjdhZjdiMmQ4ODllNzg0MzdhNDAxMWZkYi5maWxlbmFtZS50eHRVVAUAAw106VZ1eAsAAQQhAAAABC
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740d-4b40-419b-bfdf-4810950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:13.000Z",
"modified": "2016-03-16T14:56:13.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_d0252.js' AND file:hashes.SHA1 = 'af67b3f61b802bcc3e3331387b6e500845196d26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740e-72b8-4457-a309-49b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:14.000Z",
"modified": "2016-03-16T14:56:14.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_d0252.js' AND file:hashes.SHA256 = 'ccadb6a1d5cadf84381130006df9d7fe58e0df84f2b9203d0a35ec7ea6699492']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9740f-ec3c-4670-b7df-451c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:15.000Z",
"modified": "2016-03-16T14:56:15.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAh3cEj++N2HbgoAAFYZAAAgABwAOWE1YTFjMDZkZmM5MWUxM2Y1ZWVhNTE0ZGU2MDkzYTBVVAkAAw906VYPdOlWdXgLAAEEIQAAAAQhAAAAi2bsKZWhCkH1zVrT2nQPMRyZzB59qW27K7jUwPqwaBDYujvVdQzbw0UtpRtZ7LPCt5wJwOHTC4u5ZGD8fu/Z6V4L4d0mL23vN8HtS5yHmdtJLC02cZbQHMmB6w6l/j200MbSlBxNCrZ5EqMQPdVi9EfQKa+3g/R4rrLlNdTvOFsehwdt7kjcbH4bSe/+0YitPSC3sDkZcF2ccB+kw+0dt5ugsRFIm0jIwkrcFQGkIRvl+kCFn6AFRPEDDh60P4jMlypUdA9X1Ox9u3XzxZrhVjG33STx46wVwYLSB3Mo1SAKp9q/ISzp6b64HANRqWdMkF6JAqoBGsliiENZin1PCpgFQeXbPg3XoKIAdQgROVLyMjzG7Lo8ET9nuryQQJg3rh18nJaUDLh8xVmFLSxaO766s0DiTW8Sj9po0yQ4ljMkN6w5qZGwowIFtVMxHj/GGHsHECqa97k33chV9ry8Y3IgMDvZfdkEf1hDu1YHt20kjBwq43w1rE9CsYfv57joGoZz/6jJjGmUAT2rEsruhf9HyIGYtq/jJjCogzKQqYk2cmuU1uu6IRQ4JRzZdS4SQNSz9/oFVZnaqATYRVQeNF/TSpVMh1dKQnOXr6JXt3USY4SF3GLJFnFdYB2xPOXTvFCqjcuR85U497FteNhr6g5+Y9M9nrb68y98GfdVa1Euh4OclwIE0llbdyPTbEsCLTkEWQ0kklXgbB6A+W+6GtCpej+VQZECqqNbVxVNtlMGXW7ohInspfDFAp6ItVVTqgFs6WPkKX1gV+rcX9phEEfrskoQf1AeLMOd9F9AkmE1NSH/Fpd+PwfLUiWOplYD0NxPBZ5sTgdYqxQufUDwqDqhZfSUiDxCFkeA70GjlUp0U9LUy+/xJF8Fi3IqaLK1vBYq2YrNuZu89QdjdAdAwvmILCZuZdqX5bzkuaYBFLXrURPXYnQ5oHVEPatTesK9/VH8FoB0WEDnAotP0o6YdjyETYVz26kTXPbJ6nr+PSXnuEwte8YLcLvdpy+TAJRn0PIa6supBVP9kevYKF8KMSH0QIv53miU5lSMPfahbWRqcErmvu8GPKCzuRRwlongVOYg1AYgaUdb7F+Iy4XIyfgkme4rYYASVgGyKQuN4YnowkRhAiiWvnr8zRaIRG2/iX4Tpe7D5M5a3fq9OeUh1T02XcvERythrkkEJnQkiO4R+RR8KYkxfLYJA2+7zRtJnM2lH59F9RhDz+copSm8qS+T53JD4ha/TeCj3KCknmquBy78nsxTxL3jkhvsAX0FYmmwtZIxMmlBJTVSgXbwlk5dUdEU/Tvu17gjd5mUAWMz859SW5xInjEvLLKrTljlC9rVsS68/6khLCPaicXs9KOqPn30F2fOdcK8+WCbxwEMv/pJHBnmTxVPJU8xU+6A66tMmvahwnYFrM/ebnpO0pSjHlnkCeLhu4rlI4lwVPbQ7QwTdeDZVA7B4tLZzbRieio/Y8h/9XI9ot6XtPiRW78mjwWDCTu1y6WKPifA03taW83R/snT3YtD0hxjSMbX/aa5Zh++U250z18ElMh1qCi6xL5zScPTYeHj+InbmiUgjimzhGHFyVQI/pfwxPWoaUDhM5kcIOmJ6WSQVcTbcdGoHRkhohyxB8iT3NuSzJbjFL39MYYiKRHi8k+i8goix4Gxv7t1P7gqYlumjkjYl+MyciKu/rrElcDi6wo+ZuBJjO4Rqt0kQjjkHa/stuYYkbxA9AViey61x8UmZg5osN2XfVHe/0w3iAHw4KvcmN8mOkOTbO1LtWwCAJ9dfUE6fV1oaXQEKiYQLZfyEs0oPZ+q/IDfWSiva8rq4860XyXNqyky5N2ACOQuS6n7UjwlYsdohyNvnHZ8wDlVZZXgqhTqG3/3EC+H9s4Jps+RnWqZDkLEu+dbIUT4bzCPHynEwKTZ7Wsotb7pBUQ+NHaZ/BvLZjx1RW9SGDimgrxbXOAnMrziX/z3kMfOIbb1hdf6c5QEcnBq0cpZh49+TDLPMIkUmUvQlAkpGfmh1XVQhmxQluLRjHpmfBjAJ0x3JuPfEQC9dfhplpDHpksyvfxvZxCR4TOa8WgDUoROfCCD4z6a/4ApA+4mXgbYjjxoRs0OphVkkO5VXZ4kiFfRzWFk2qGbl5HeD1JHykS5dx6mD9eeO01F3wQEUMNiSRYju1Ix/QwbV43inMMNyk96SDlgBV8Yhw7GzH9hzZlPir/8/2taneo/mSH1IZ0Pj1LrZSZX9HcLPCW5Y2Ry4IShl5ExMRtp4SbtDGwksXMyc8JRD1QjUyMwfq1qs3WlGRHE0T5zCXlJVSpFr0+8ed0DABv7p3/zadjSsJLXinPlC8et468SCW0+8+hHu5Zy2pZXIbTryCPrk42TIPdcP5z/tS439js9GUFZi0Z/XfoD0WoKkAWg/QPU8GziTWVFpA2bOBcDt0drTZ0BIQzfJUY7PAg9He+0EBS9F6vU5LJdlOLByGpj2q1eyDaRY5feWEbgFYiwRd8CFDvhfVJOB+J3iqVg4W9taUGSy693And94zF5855m3gtpvDi7iKwegGd2+61oJm+6+m2gxmojjpfWPCkn0Iu4SNIrIGu6UDwwZ+5ABmUnpRNokprsraFnSP8uNz4fyk1KkNqZtj2bxT7P7o6vb+rarNaGl3OUULvy6xCBToE8ldwDjsIfFcyA+QciX1vOcFTn0SuiTAx49wdVnpLNqQXLfQl9g7gLejLpkhxRg6E3NJrxrzK5wZ/BgixchYf7odK0Uy46x5AKvz6o5rM4cy4VGZcyGSPi470EFOm16KHJhHpUddQB5AYMJM9DsPsV2GGF7X1ZLBRyq+cmWV6EQLfRXItkq6fFADNexU8bVo5WlC447lmXkQEvv7ENOJUEaP+NCtmpNpo6bV2NfScNF1oRb3lmuvpoH1U9ja2HiEjHWdDrb8B/JYQjTVtYZIxNhwbCvl3NVPPGnwNngqaYQ7Pm49R+HfnUKRXb7YIn39PzmkiDSqOSAsPPZ7ft91u6z3laVzSHRA4cX8LoPsi9dKLwi2R77p+o8rSJftVX7dL6nJ4lpxpvLnPIe+1v44FyBJfE87X3lZAGBdHnrTdp3DglM/qYs9vljbV+RiFBk2+ryZoQ5eeInAAG4iuSa1UoYnY9OBXPPZ7UgpT/HpqDilm4cmmtZ31vQlB2jXXLYJ6R5hIkJhBoaMZEiQsUNnM9b3JooU+BKBhU8HOYUHAPAwNZCR9FWZf6TftvsgQmiuZ0qV+81OLvXUxLzAy1Nm5E2mBd6qCHHcByVEdOyyG6wetMIMQiLv41F6nP6mOrISM1QOIWxSwGi7UivvjGfp/Ms+NCu2NwQ3YB9D6OondcAQoqEkTn9cByaBHvp8o3nW5md1a6lQSLPIpb8D9a6mbb51dloB6FTk0NMccmmUBOY29TopXegeQSNCpCZMAIkfjgpmNBCDOiTsg+mEStt3NGXYAwDV/uQmAja7RwggO0vgEOQAPn35Y55Kd+RHGhYDVxIoQ/iNmT6v0jVdDxM7siItiTaBLgrmicMKqrBDfdE6g2SqAlZT19bbgS8Mt4UEsHCP743YduCgAAVhkAAFBLAwQKAAkAAAAId3BI+yGdeR8AAAATAAAALQAcADlhNWExYzA2ZGZjOTFlMTNmNWVlYTUxNGRlNjA5M2EwLmZpbGVuYW1lLnR4dFVUCQADD3TpVg906VZ1eAsAAQQhAAAABCEAAAAGDD57QueH2I4pF+DyzNN4hc6KVWv24qWk+G0ek265UEsHCPshnXkfAAAAEwAAAFBLAQIeAxQACQAIAAh3cEj++N2HbgoAAFYZAAAgABgAAAAAAAEAAACkgQAAAAA5YTVhMWMwNmRmYzkxZTEzZjVlZWE1MTRkZTYwOTNhMFVUBQADD3TpVnV4CwABBCEAAAAEIQAAAF
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97410-709c-4f9f-ab29-4269950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:15.000Z",
"modified": "2016-03-16T14:56:15.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_dc9c375f.js' AND file:hashes.SHA1 = 'b8c53603c3725fdb4cae8805e114a9b2aac0e305']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97410-6314-4dad-9f8b-4811950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:16.000Z",
"modified": "2016-03-16T14:56:16.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_dc9c375f.js' AND file:hashes.SHA256 = 'd5c31e8f69be5c8e6c811ca165035c0057c032026cfd1b397eef4cd1d78706ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97411-8b54-4dc0-b102-4b2e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:17.000Z",
"modified": "2016-03-16T14:56:17.000Z",
"description": "unique .js sample",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAl3cEjFbi265wkAALYXAAAgABwAOWM2YTM5MzYwZTNkZjE2M2JjNjE5NjljOGEyMmI1M2RVVAkAAxF06VYRdOlWdXgLAAEEIQAAAAQhAAAAjxMW5HoFsj6ArZtYv/CafhyaGBleU3Qn3hq5nxUQ3PYXGWBjxyVnrO4U92WNSxRM63gfVvj6iontOhDmeMRKhliRwZBJJOTiH2BQU1hMVBS9x1Jv/vKDtIS+6TRMhVUTv3JlWPvONazql2Bs8qerJ/3EgwdM+Zgu8A7yXeHNW4Tdy3oXhDxvp88tx5b2sDgG5+e5yrXvDUDk508zckOYHtfAO4PQK7EsYuglpHGT6ny/5WUjhLeKB8ihIlDyHcGDUF2x5vn8wpgQ2NqrWv1DocvoZKdhLrY4Fn9W3t8nG9MpMOlogOzq4+cG4+U2IMKeXpNP0/2HIbla+J4y1Yg8cJpciJs18qVsvhdEa6wRqx1ZFIO/uwoBcyzbaAUKAYrozu1qAo6us2qF6g+d281voDmd4/8SIF+uvt7ArFu3yCqWkYzOR/xikZsmejXBKv6QY5xvqkqO6my68WZDFl0PZfG+ZPjZSykFVW904go2XCD95GwN8SKCSxwN6yF9bAmC+lO+ENrREsXhw+GOmtaIaKgk58vFB2SPXocexnVg4dcMIyqnBGMyEVjP4Q93uyM0f+9xA5ZqchCXyCb2G4UDnhwub9grQDhILZGFIN7+l380YgSy6T9vBUPtq7FG/pDz8z78ZJ3HqsPSv8wrJnFc5p6d5B6R18zCERBch4kRF3vRuJ8vsMrDhN7+FtAgMFHij3T2TcUioT01qjNPwxgY6Ts4p8UeS/yBCLLxaiBwVD2tWWxnzp4g0m75Ut+js/KZEl0g7woF9llFr4AQiJ9/WkCMJyad4hJWcvH+Yn6u059yQSA8LtWSwwPN4Lhxe2BZ2eH/N8OBw8JoaI6+SwJQSni5GFIH+5W7axwsOBbYk4rNpfwRPtP/kyMFpmxNUS/7JEgkVbzKsQKUeAsHtBqPS70aPt7e7GilMNOIJvPEN/mukgoucrrdauDNTnOnZuDp4Yaw0X9k9iMiP4DJWA0cMpLo2vSKMVekWT1+Y6IXZG4leeuauZ7vsjdblCkvsD2fgGbYSlUzUzhRuW/o2wL3zP/UWg2eAkUFim62X1PrTl50exorIrpmCsStJke+Y7dKzGZiXWG/tEWxLLYeHdOoNxqCRBrA4lHclShDWLoV/raP3Dz3q+giS2YRfPEy7vHnz6jaCrTtxBfeNr/csD2nFXiALGFYKd4Yh9lEx2z0DHQbBv7O5JtBmRCuPc6S4jm7u8RBrdSyty7AwMuBlX2CprfTLPoiDfTFdKnkgQtd1WqL2KUQ76cQlIed7MRYLlDYTh/p1tNxFauMK1ojCP/cT3dUg2dTUOy6QtjllFDvK9K7Qh49R1a095jiuyHotaH95IFDkD/EDvYtAtWtuozDkq/NFO3vHrfzu1WyqgRteLvedls7uXb2CH6yinb/qyaIiiyo9RQWTZ+Q/A1FIPvveNZ68tXCZkZQApJDU1NQTuYdtBCDDEyTyQeDUJxj7UHxKm/e5s8h4iJUVKddTlJEhpeHpvaP4KpATdhgCTuef0RYC60Q93eR+dIxGu0yZyQU/kvPjZQoRuH03Zo1GAjePMNR9Aotkkmvrd3bi1WsvUSkam/vlrt0Lwtf1WtwJ/s60caiiGCLECCQqaPryfRY172+0ywR6aJ19FeFtADmiyfc2j3MAeh7gB1IJ7XXeUBKO1zzKuVDrXjRe538xlejii1UDa48vgYwluEX43AQYJZz/caAFceGtYcrbnJLqhQynb+hrjWGZiuXkMmalWdxqsZHqkkDLnBBlGiBuMGfs8+xr2AX+llmf/PsPgzXmY9lrmuDBfNBOAQbVd9hJVxwaPYggjSBTSRoLWl6LPE8ju4sIWgjvbtNDL/LGCIBn4yus9KG+E0x/dMKIOCQu5eC8ZIH493amQMV+HxvVHOQ8Afltm9pX7qv//bKIdmsti7aVo/C+v6LmXlWPA02NMkEXHymiKtaSQJF6kZwXRo8QeDWHkOosYZNli4rwiUbAfyuAAfFUWT/jDP65Z2V0lCDqry2NlFtzSuMhY3/CUrI4OU6c7PgjtH2iCk4VyYgHN2VTS7/8IbldSWOXR0JMpWF4qgH5gJNGZIh0TG2eoMKldmhch2tHv3UT0hkUaS4hxahTwuzOBr0PbFRvfkJlYVkgELeGTBIK7Hk0KH5D55QItir6DchsZqL3Vbwfwbnk3LQRZpcrGd95GxjfqjoZtDjk50MAnbCze/RZq9CHDk8I9jpM9Ai3qCD0MPncFHX5T+wRHRsyPIKUoUmotajBa914VoiWIiWZ8U0/MdtxZ30/swZyc5wE7wuslmTdJiqXTVi/MhZSnrZqFojKhzOwj9yj+UqwUXP7wSJAH+rldRAqjaiOLxYeux6VyYNEeihMUXYA4Sq4tW1RZIim1to30+YyAR83g1MmfZ9iH22TakU8DdWywXawpF+iJblfBW3cpuf9DFRjLhvYgUPQ6fhcfm9MxGVnC40QvnOFdLVFJGNVDQezRXIjz7lE/QyPKlKqw+15n6ay9HbejzfsqpDKj3b8Q75kIVyEdLfVUvFwf7E7+/1SktbEHxSTgvN/Xsl3md1SXMZ5uKGrkCaozZqtH57zOvEG5uPA8bA/+I33SSE1LrSHQP9WKpEr/OxfgXdMmE6b9UOrUHCLfwIznwmFASl6cvI4O80hHJNtbXEF0k9dCmJ1iegfyTSQdYYKgThmOyoF6F/s4jPewjVWRL+3LN1C2wos3atuPmyJN5b2eythnsSPuKvFUueB8G4OGMas5Lxgg0ZglWmDK0+VQVdFWMmFUvksTbqkZLtDGp4cneqG8g0DhQjVoWLptvWE07jbCd1W4e7zxVn3t6gaoVmcImJ+ciMn5WkRU5pzDnRSGrUIyiW0CARCQPwKkglsEnkZy3CWAUU4pY/CatXsBUlgZL1rUehAo1yAsFXWHhe7ZkELZfyeTJQmaHCyxSa23i/yhP/s14uPY54qmXnd5wa3aK/dJ0Gt8BULNgJuGHdmjC1LGGxakl8l3Ww3zHVGzd6HAzAkrJaucdPea7VAcxLM/05K+aMpcOgyCoFkZUj8LkeXGg05Gt3Be8KE2eLHXE07kEorXhJC59QSXrKhDywv9X4I07IGxvA3vp1DyqBm4yCwSIkf6kLcy2bVPiEHXyHIeUUGJOJ2FpPjrYZe4xogiOKB3Iz+bxvijBpqY/c/aM6gqkEUoGQKKD2T4M9/JO5Bot8beP8uV5mKiXX72uHVn/ULpZItAjoumAQ4lOHfvSEAVIhHU8kZhS+mlQJWVl/3qM0PoRMdPtV9YsU7NkIClnlPWqAot2pjTVd9+yubE2COb0FSLbuyo5aXJ8cLCOnuB57bs1XmxvbSF90cU57z7P5W6ERCoOAHduswsbcFLz5NlvDuCGOggnDUEsHCMVuLbrnCQAAthcAAFBLAwQKAAkAAAAJd3BIo9925x4AAAASAAAALQAcADljNmEzOTM2MGUzZGYxNjNiYzYxOTY5YzhhMjJiNTNkLmZpbGVuYW1lLnR4dFVUCQADEXTpVhF06VZ1eAsAAQQhAAAABCEAAAB366r+UbpjIBpMwRfgJyPE34iqWEqgGUAo6Ioe63lQSwcIo9925x4AAAASAAAAUEsBAh4DFAAJAAgACXdwSMVuLbrnCQAAthcAACAAGAAAAAAAAQAAAKSBAAAAADljNmEzOTM2MGUzZGYxNjNiYzYxOTY5YzhhMjJiNTNkVVQFAAMRdOlWdXgLAAEEIQAAAAQhAAAAUEsBAh4DCgAJAAAACXdwSKPfduceAAAAEgAAAC0AGAAAAAAAAQAAAKSBUQoAADljNmEzOTM2MGUzZGYxNjNiYzYxOTY5YzhhMjJiNTNkLmZpbGVuYW1lLnR4dFVUBQADEXTpVnV4CwABBCEAAAAEIQAAAFBLBQYAAAAAAgACANkAAADmCgAAAA
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97411-87d4-4d96-adfd-4e28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:17.000Z",
"modified": "2016-03-16T14:56:17.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_e3a7c36.js' AND file:hashes.SHA1 = 'e5215e701e0d22a79ac33f00c92b4fa2ca28bf7e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e97412-b73c-4fb8-ac25-43da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T14:56:18.000Z",
"modified": "2016-03-16T14:56:18.000Z",
"description": "unique .js sample",
"pattern": "[file:name = 'billing_e3a7c36.js' AND file:hashes.SHA256 = '51a1e11bd8de2e23b59e18166c50394e56ea0f8d55df81ec43cc388eefe995a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T14:56:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink