adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/57bf5c07-6b40-428e-8f68-4a9a02de0b81.json

955 lines
38 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--57bf5c07-6b40-428e-8f68-4a9a02de0b81",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:33:38.000Z",
"modified": "2016-08-25T21:33:38.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57bf5c07-6b40-428e-8f68-4a9a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:33:38.000Z",
"modified": "2016-08-25T21:33:38.000Z",
"name": "The Million Dollar Dissident - Citizen lab report",
"published": "2016-08-25T21:34:48Z",
"object_refs": [
"vulnerability--57bf5c49-b2d4-46fe-be18-48de02de0b81",
"vulnerability--57bf5c4a-4fb8-4ba4-bf12-43a002de0b81",
"vulnerability--57bf5c4a-42a0-439f-a09b-424002de0b81",
"indicator--57bf5cba-f4d4-4e08-8947-4f0602de0b81",
"indicator--57bf5d2f-03ac-495c-b2ee-4ca402de0b81",
"indicator--57bf5d63-418c-40ef-891f-bbe202de0b81",
"indicator--57bf5d63-9bb4-422c-9fd4-bbe202de0b81",
"indicator--57bf63f7-a014-4993-a207-452602de0b81",
"indicator--57bf63f7-1ba4-406a-9183-40a502de0b81",
"indicator--57bf63f7-c680-4764-a0a9-4ab802de0b81",
"indicator--57bf63f7-d1fc-44bb-b79a-4f9f02de0b81",
"indicator--57bf63f8-cff8-4563-bf0f-442802de0b81",
"indicator--57bf63f8-9c74-43ca-af31-4f9302de0b81",
"indicator--57bf63f8-0fa8-4299-ae08-4e9a02de0b81",
"indicator--57bf63f8-cd20-4f04-8922-4c5e02de0b81",
"indicator--57bf63f9-d07c-4093-8192-47a902de0b81",
"indicator--57bf63f9-592c-407d-b7a2-45a802de0b81",
"indicator--57bf63f9-1b80-4a8a-a813-452e02de0b81",
"indicator--57bf63f9-9828-45fe-92a2-458802de0b81",
"indicator--57bf63f9-d13c-4e8f-8b69-45d002de0b81",
"indicator--57bf63fa-e31c-4867-9c96-485402de0b81",
"indicator--57bf63fa-92f0-4057-8460-497902de0b81",
"indicator--57bf63fa-2ec4-4995-b49b-402402de0b81",
"indicator--57bf63fa-8144-43c6-95a8-4fdd02de0b81",
"indicator--57bf63fa-7bd8-42b8-b201-420602de0b81",
"indicator--57bf63fb-a494-4932-ac6b-488102de0b81",
"indicator--57bf63fb-b044-4b6e-93da-437202de0b81",
"indicator--57bf63fb-306c-47eb-99bb-467c02de0b81",
"indicator--57bf63fc-8480-424b-86fe-4f0502de0b81",
"indicator--57bf63fc-3f58-484c-9a94-42ce02de0b81",
"indicator--57bf63fc-1174-429c-a55a-4bb402de0b81",
"indicator--57bf63fc-7fb0-460d-b13c-42e502de0b81",
"indicator--57bf63fc-ccf0-4d09-95dd-45e702de0b81",
"indicator--57bf63fd-24f4-4d24-8286-47f202de0b81",
"indicator--57bf63fd-e708-4449-941f-4ae902de0b81",
"indicator--57bf6431-0c20-437f-814a-41f202de0b81",
"indicator--57bf6432-a068-405a-ae08-4b7802de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--57bf5c49-b2d4-46fe-be18-48de02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T20:59:53.000Z",
"modified": "2016-08-25T20:59:53.000Z",
"name": "CVE-2016-4657",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"External analysis\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2016-4657"
}
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--57bf5c4a-4fb8-4ba4-bf12-43a002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T20:59:54.000Z",
"modified": "2016-08-25T20:59:54.000Z",
"name": "CVE-2016-4655",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"External analysis\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2016-4655"
}
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--57bf5c4a-42a0-439f-a09b-424002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T20:59:54.000Z",
"modified": "2016-08-25T20:59:54.000Z",
"name": "CVE-2016-4656",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"External analysis\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2016-4656"
}
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf5cba-f4d4-4e08-8947-4f0602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:01:46.000Z",
"modified": "2016-08-25T21:01:46.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'webadv.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:01:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf5d2f-03ac-495c-b2ee-4ca402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:03:43.000Z",
"modified": "2016-08-25T21:03:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sms.webadv.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:03:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf5d63-418c-40ef-891f-bbe202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:04:35.000Z",
"modified": "2016-08-25T21:04:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'aalaan.tv']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:04:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf5d63-9bb4-422c-9fd4-bbe202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:04:35.000Z",
"modified": "2016-08-25T21:04:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'manoraonline.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:04:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f7-a014-4993-a207-452602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:39.000Z",
"modified": "2016-08-25T21:32:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'icloudcacher.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f7-1ba4-406a-9183-40a502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:39.000Z",
"modified": "2016-08-25T21:32:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'pn1g3p@sigaint.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f7-c680-4764-a0a9-4ab802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:39.000Z",
"modified": "2016-08-25T21:32:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'asrarrarabiya.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f7-d1fc-44bb-b79a-4f9f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:39.000Z",
"modified": "2016-08-25T21:32:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'asrararabiya.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f8-cff8-4563-bf0f-442802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:40.000Z",
"modified": "2016-08-25T21:32:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'asrararablya.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f8-9c74-43ca-af31-4f9302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:40.000Z",
"modified": "2016-08-25T21:32:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'smser.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f8-0fa8-4299-ae08-4e9a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:40.000Z",
"modified": "2016-08-25T21:32:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[url:value = 'https://smser.net/9918216t/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f8-cd20-4f04-8922-4c5e02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:40.000Z",
"modified": "2016-08-25T21:32:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[url:value = 'https://smser.net/redirect.aspx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f9-d07c-4093-8192-47a902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:41.000Z",
"modified": "2016-08-25T21:32:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'icrcworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f9-592c-407d-b7a2-45a802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:41.000Z",
"modified": "2016-08-25T21:32:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'redcrossworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f9-1b80-4a8a-a813-452e02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:41.000Z",
"modified": "2016-08-25T21:32:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'topcontactco.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f9-9828-45fe-92a2-458802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:41.000Z",
"modified": "2016-08-25T21:32:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.8.153.44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63f9-d13c-4e8f-8b69-45d002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:41.000Z",
"modified": "2016-08-25T21:32:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.8.52.166']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fa-e31c-4867-9c96-485402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:42.000Z",
"modified": "2016-08-25T21:32:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.209.103.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fa-92f0-4057-8460-497902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:42.000Z",
"modified": "2016-08-25T21:32:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'thainews.asia']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fa-2ec4-4995-b49b-402402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:42.000Z",
"modified": "2016-08-25T21:32:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'kenyasms.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fa-8144-43c6-95a8-4fdd02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:42.000Z",
"modified": "2016-08-25T21:32:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.80.202.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fa-7bd8-42b8-b201-420602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:42.000Z",
"modified": "2016-08-25T21:32:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'qaintqa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fb-a494-4932-ac6b-488102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:43.000Z",
"modified": "2016-08-25T21:32:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.80.202.204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fb-b044-4b6e-93da-437202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:43.000Z",
"modified": "2016-08-25T21:32:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.251.49.214']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fb-306c-47eb-99bb-467c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:43.000Z",
"modified": "2016-08-25T21:32:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'mail1.nsogroup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fc-8480-424b-86fe-4f0502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:44.000Z",
"modified": "2016-08-25T21:32:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'nsoqa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fc-3f58-484c-9a94-42ce02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:44.000Z",
"modified": "2016-08-25T21:32:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ooredoodeals.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fc-1174-429c-a55a-4bb402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:44.000Z",
"modified": "2016-08-25T21:32:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'alawaeltech.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fc-7fb0-460d-b13c-42e502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:44.000Z",
"modified": "2016-08-25T21:32:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'bahrainsms.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fc-ccf0-4d09-95dd-45e702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:44.000Z",
"modified": "2016-08-25T21:32:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'damanhealth.online']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fd-24f4-4d24-8286-47f202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:45.000Z",
"modified": "2016-08-25T21:32:45.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'uaenews.online']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf63fd-e708-4449-941f-4ae902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:32:45.000Z",
"modified": "2016-08-25T21:32:45.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'turkeynewsupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:32:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf6431-0c20-437f-814a-41f202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:33:37.000Z",
"modified": "2016-08-25T21:33:37.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[url:value = 'http://fb-accounts.com/1074139s/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:33:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57bf6432-a068-405a-ae08-4b7802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-25T21:33:37.000Z",
"modified": "2016-08-25T21:33:37.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[url:value = 'http://unonoticias.net/3423768s/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-25T21:33:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink