adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/594b8afd-daac-4cf6-8784-4a9b950d210f.json

2959 lines
118 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--594b8afd-daac-4cf6-8784-4a9b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:20:01.000Z",
"modified": "2017-06-22T09:20:01.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--594b8afd-daac-4cf6-8784-4a9b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:20:01.000Z",
"modified": "2017-06-22T09:20:01.000Z",
"name": "M2M - phishing URLs",
"published": "2017-06-22T09:20:15Z",
"object_refs": [
"indicator--594b8afe-b328-46f4-9f80-44b8950d210f",
"observed-data--594b8afe-e920-4f7a-8678-42bb950d210f",
"network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f",
"ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f",
"indicator--594b8aff-6384-4d27-bb37-4b65950d210f",
"observed-data--594b8b00-2328-49a4-9c2e-4604950d210f",
"network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f",
"ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f",
"indicator--594b8b00-9ed4-4b08-a5d9-452d950d210f",
"indicator--594b8b01-0508-49dc-9d57-48a8950d210f",
"indicator--594b8b01-e6a4-45b3-af72-4caf950d210f",
"indicator--594b8b01-4084-4a80-8f3f-4888950d210f",
"indicator--594b8b02-608c-40fb-bf93-496f950d210f",
"observed-data--594b8b02-1aa0-4729-9c05-4f71950d210f",
"network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f",
"ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f",
"indicator--594b8b02-9f20-4c53-ae11-4565950d210f",
"observed-data--594b8b03-9470-41bb-a18f-4fa0950d210f",
"network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f",
"ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f",
"indicator--594b8b03-7218-49b6-8d7a-4fc2950d210f",
"indicator--594b8b03-83d4-4590-81db-4d60950d210f",
"observed-data--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"indicator--594b8b04-1b98-42f3-8d89-47d5950d210f",
"observed-data--594b8b04-96ac-4717-89ee-42a1950d210f",
"network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f",
"ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f",
"indicator--594b8b04-6c30-4a4d-807c-4dba950d210f",
"indicator--594b8b04-1eb4-4241-9d8c-46bd950d210f",
"indicator--594b8b05-ba14-4ccd-94ee-4463950d210f",
"indicator--594b8b05-e2bc-43e1-b5f4-49f2950d210f",
"indicator--594b8b05-fc88-43d8-b442-4fdd950d210f",
"indicator--594b8b05-1b5c-4d11-8d2e-43c5950d210f",
"indicator--594b8b06-b004-4872-869b-4e42950d210f",
"indicator--594b8b06-e214-4456-ae93-43b3950d210f",
"indicator--594b8b07-598c-4657-bd36-49e6950d210f",
"indicator--594b8b07-d904-4b71-9dc2-434d950d210f",
"indicator--594b8b08-a280-4d8f-9e31-47f4950d210f",
"indicator--594b8b08-ad60-4deb-a3d7-4e39950d210f",
"indicator--594b8b08-1b38-4402-b94c-4b28950d210f",
"indicator--594b8b09-6474-4c2a-87ad-425f950d210f",
"indicator--594b8b09-77d8-4509-a437-49e6950d210f",
"observed-data--594b8b09-91c0-40e0-9d89-48f8950d210f",
"network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f",
"ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f",
"indicator--594b8b09-8844-4440-9fbe-4210950d210f",
"indicator--594b8b0a-418c-44b5-8a11-4f20950d210f",
"indicator--594b8b0a-f688-485a-b888-4d29950d210f",
"indicator--594b8b0a-f2ac-4106-8343-449d950d210f",
"indicator--594b8b0b-a974-4d27-9dee-4217950d210f",
"indicator--594b8b0b-32a4-4b68-999a-448b950d210f",
"indicator--594b8b0b-d1bc-475d-8669-4410950d210f",
"indicator--594b8b0b-197c-404b-901e-4bf7950d210f",
"observed-data--594b8b0c-5084-4296-b4c7-4e86950d210f",
"network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f",
"ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f",
"indicator--594b8b0c-20a8-43cd-9b19-4538950d210f",
"indicator--594b8b0c-a67c-4023-ab0f-4601950d210f",
"indicator--594b8b0c-7100-4c58-8afd-4aac950d210f",
"indicator--594b8b0d-8c2c-48c0-923f-4c08950d210f",
"indicator--594b8b0d-c164-449f-b30e-4a7d950d210f",
"indicator--594b8b0d-056c-4b71-8ca1-48b5950d210f",
"indicator--594b8b0e-3734-437b-878c-44ef950d210f",
"indicator--594b8b0e-84b8-4090-8003-43f4950d210f",
"indicator--594b8b0e-21cc-4298-996e-4bc8950d210f",
"indicator--594b8b0f-3d0c-4784-afd0-4178950d210f",
"indicator--594b8b0f-4b18-446b-aa67-4d29950d210f",
"observed-data--594b8b10-b4d4-4732-b527-4144950d210f",
"network-traffic--594b8b10-b4d4-4732-b527-4144950d210f",
"ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f",
"indicator--594b8b10-a498-4572-b2a9-4e4d950d210f",
"indicator--594b8b11-d0e8-4489-9e6e-4860950d210f",
"indicator--594b8b11-1950-43ba-9061-41c7950d210f",
"indicator--594b8b11-9ee0-4aef-82b1-4b1f950d210f",
"indicator--594b8b11-0b1c-493e-b42b-4950950d210f",
"indicator--594b8b12-1ac4-4c2a-87c9-44bb950d210f",
"observed-data--594b8b12-acf0-463b-824f-47e5950d210f",
"network-traffic--594b8b12-acf0-463b-824f-47e5950d210f",
"ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f",
"indicator--594b8b12-5678-4bcd-8361-4d30950d210f",
"indicator--594b8b13-9f50-4055-a9f0-40a8950d210f",
"indicator--594b8b13-9bfc-4353-ba18-4b97950d210f",
"indicator--594b8b13-33b0-4cc4-8c07-4f29950d210f",
"indicator--594b8b13-15a4-4d48-9e65-4a60950d210f",
"indicator--594b8b14-4a5c-4a0c-9413-49a6950d210f",
"indicator--594b8b14-0d88-4e48-9d60-48e6950d210f",
"indicator--594b8b14-1c88-482a-9995-4a0b950d210f",
"indicator--594b8b14-eabc-4771-adf2-419d950d210f",
"indicator--594b8b15-9d7c-4323-9fed-478e950d210f",
"indicator--594b8b15-67bc-474c-b1cb-4d26950d210f",
"indicator--594b8b15-0eb0-4b63-b6f5-4545950d210f",
"indicator--594b8b15-955c-4299-a550-4aa7950d210f",
"indicator--594b8b16-02fc-4e9b-8630-42e0950d210f",
"indicator--594b8b16-25c0-4c78-9668-4363950d210f",
"indicator--594b8b16-d71c-42e9-86d7-4c28950d210f",
"indicator--594b8b16-d2c8-4a34-a68a-4500950d210f",
"indicator--594b8b17-dac4-471f-9360-4ab8950d210f",
"indicator--594b8b17-b9f8-44f4-854f-4406950d210f",
"indicator--594b8b17-ee20-44ce-9abe-4707950d210f",
"indicator--594b8b17-3e14-4b9a-ab9b-4d38950d210f",
"indicator--594b8b18-b430-4c5d-bc51-448a950d210f",
"indicator--594b8b18-a084-407b-b657-45a4950d210f",
"indicator--594b8b18-0c14-41f6-8df4-48e2950d210f",
"indicator--594b8b18-3ee0-4df1-9449-4635950d210f",
"indicator--594b8b19-224c-44b9-952a-4002950d210f",
"indicator--594b8b19-d2b4-4f28-98a4-46dd950d210f",
"indicator--594b8b19-fe10-491c-9e90-4255950d210f",
"indicator--594b8b1a-1a34-431d-aaf3-4ebd950d210f",
"indicator--594b8b1a-d7b0-482a-9c99-4341950d210f",
"indicator--594b8b1a-7f04-426c-9ee5-4bc9950d210f",
"indicator--594b8b1b-6ce4-430c-b5fd-488a950d210f",
"indicator--594b8b1c-0b88-4379-ade9-483b950d210f",
"indicator--594b8b1c-d014-482e-be37-4422950d210f",
"indicator--594b8b1c-79f8-4940-9dcd-4127950d210f",
"indicator--594b8b1d-98c0-4277-8466-47db950d210f",
"indicator--594b8b1d-5ae0-4975-bcf6-4037950d210f",
"indicator--594b8b1d-8ebc-4c37-bbfa-4e4a950d210f",
"indicator--594b8b1e-3c04-491d-8317-4564950d210f",
"indicator--594b8b1e-12d8-4ae5-9c85-4f89950d210f",
"indicator--594b8b1e-7fa0-46b1-a7e7-45fe950d210f",
"indicator--594b8b1e-d054-484b-81fc-4dfe950d210f",
"indicator--594b8b1f-1d88-44a7-a5c5-40b4950d210f",
"indicator--594b8b1f-cf48-4d9e-9b15-4564950d210f",
"indicator--594b8b1f-a50c-47c0-87fb-4e17950d210f",
"indicator--594b8b1f-2550-4fdf-a844-4b3c950d210f",
"indicator--594b8b20-c6a4-4365-b689-4773950d210f",
"indicator--594b8b20-a978-4693-aa5c-4449950d210f",
"indicator--594b8b20-13a4-4e7b-b002-4e62950d210f",
"indicator--594b8b21-d364-4282-81bd-4f17950d210f",
"indicator--594b8b21-c264-4f41-bdf3-49c8950d210f",
"indicator--594b8b22-9374-4ebb-9d41-45b8950d210f",
"indicator--594b8b22-6d6c-4528-8164-4527950d210f",
"indicator--594b8b23-cb00-4290-992f-479f950d210f",
"indicator--594b8b23-726c-4642-a32c-4d0f950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8afe-b328-46f4-9f80-44b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:46.000Z",
"modified": "2017-06-22T09:16:46.000Z",
"pattern": "[domain-name:value = 'amazon.com-access-update-information-account.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8afe-e920-4f7a-8678-42bb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:46.000Z",
"modified": "2017-06-22T09:16:46.000Z",
"first_observed": "2017-06-22T09:16:46Z",
"last_observed": "2017-06-22T09:16:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f",
"ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f",
"dst_ref": "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f",
"value": "89.189.197.55"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8aff-6384-4d27-bb37-4b65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:47.000Z",
"modified": "2017-06-22T09:16:47.000Z",
"pattern": "[domain-name:value = 'apple.com.centerdisputeinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b00-2328-49a4-9c2e-4604950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:48.000Z",
"modified": "2017-06-22T09:16:48.000Z",
"first_observed": "2017-06-22T09:16:48Z",
"last_observed": "2017-06-22T09:16:48Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f",
"ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f",
"dst_ref": "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f",
"value": "89.189.197.24"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b00-9ed4-4b08-a5d9-452d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:48.000Z",
"modified": "2017-06-22T09:16:48.000Z",
"pattern": "[domain-name:value = 'apple.com.helpserviceinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b01-0508-49dc-9d57-48a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:49.000Z",
"modified": "2017-06-22T09:16:49.000Z",
"pattern": "[domain-name:value = 'apple.com.verificationaccountsummary.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b01-e6a4-45b3-af72-4caf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:49.000Z",
"modified": "2017-06-22T09:16:49.000Z",
"pattern": "[domain-name:value = 'apple.com.websitesigninserviceinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b01-4084-4a80-8f3f-4888950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:49.000Z",
"modified": "2017-06-22T09:16:49.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.cancellation-fraud-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b02-608c-40fb-bf93-496f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:50.000Z",
"modified": "2017-06-22T09:16:50.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.cancellation-payment-fraud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b02-1aa0-4729-9c05-4f71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:50.000Z",
"modified": "2017-06-22T09:16:50.000Z",
"first_observed": "2017-06-22T09:16:50Z",
"last_observed": "2017-06-22T09:16:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f",
"ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f",
"dst_ref": "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f",
"value": "103.224.212.192"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b02-9f20-4c53-ae11-4565950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:50.000Z",
"modified": "2017-06-22T09:16:50.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.cancel-order-fraud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b03-9470-41bb-a18f-4fa0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:51.000Z",
"modified": "2017-06-22T09:16:51.000Z",
"first_observed": "2017-06-22T09:16:51Z",
"last_observed": "2017-06-22T09:16:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f",
"ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f",
"dst_ref": "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f",
"value": "103.224.212.185"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b03-7218-49b6-8d7a-4fc2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:51.000Z",
"modified": "2017-06-22T09:16:51.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.cancel-payment-fraud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b03-83d4-4590-81db-4d60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:51.000Z",
"modified": "2017-06-22T09:16:51.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.payment-cancellation-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:51.000Z",
"modified": "2017-06-22T09:16:51.000Z",
"first_observed": "2017-06-22T09:16:51Z",
"last_observed": "2017-06-22T09:16:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"dst_ref": "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f",
"value": "103.224.212.193"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b04-1b98-42f3-8d89-47d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:52.000Z",
"modified": "2017-06-22T09:16:52.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.payment-cancel-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b04-96ac-4717-89ee-42a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:52.000Z",
"modified": "2017-06-22T09:16:52.000Z",
"first_observed": "2017-06-22T09:16:52Z",
"last_observed": "2017-06-22T09:16:52Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f",
"ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f",
"dst_ref": "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f",
"value": "103.224.212.186"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b04-6c30-4a4d-807c-4dba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:52.000Z",
"modified": "2017-06-22T09:16:52.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.refundable-payment-client.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b04-1eb4-4241-9d8c-46bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:52.000Z",
"modified": "2017-06-22T09:16:52.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.refund-payment-client.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b05-ba14-4ccd-94ee-4463950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:53.000Z",
"modified": "2017-06-22T09:16:53.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com.refund-payment-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b05-e2bc-43e1-b5f4-49f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:53.000Z",
"modified": "2017-06-22T09:16:53.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b05-fc88-43d8-b442-4fdd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:53.000Z",
"modified": "2017-06-22T09:16:53.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b05-1b5c-4d11-8d2e-43c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:53.000Z",
"modified": "2017-06-22T09:16:53.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b06-b004-4872-869b-4e42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:54.000Z",
"modified": "2017-06-22T09:16:54.000Z",
"pattern": "[domain-name:value = 'appleid.apple.com-access-unlock-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b06-e214-4456-ae93-43b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:54.000Z",
"modified": "2017-06-22T09:16:54.000Z",
"pattern": "[domain-name:value = 'authorized-signattempt.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b07-598c-4657-bd36-49e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:55.000Z",
"modified": "2017-06-22T09:16:55.000Z",
"pattern": "[domain-name:value = 'cancellation-fraud-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b07-d904-4b71-9dc2-434d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:55.000Z",
"modified": "2017-06-22T09:16:55.000Z",
"pattern": "[domain-name:value = 'cancellation-payment-fraud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b08-a280-4d8f-9e31-47f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:56.000Z",
"modified": "2017-06-22T09:16:56.000Z",
"pattern": "[domain-name:value = 'cancel-order-fraud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b08-ad60-4deb-a3d7-4e39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:56.000Z",
"modified": "2017-06-22T09:16:56.000Z",
"pattern": "[domain-name:value = 'cloud-line-vision.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b08-1b38-4402-b94c-4b28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:56.000Z",
"modified": "2017-06-22T09:16:56.000Z",
"pattern": "[domain-name:value = 'com-acces-accounts-limit.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b09-6474-4c2a-87ad-425f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:57.000Z",
"modified": "2017-06-22T09:16:57.000Z",
"pattern": "[domain-name:value = 'com-access-account-limit.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b09-77d8-4509-a437-49e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:57.000Z",
"modified": "2017-06-22T09:16:57.000Z",
"pattern": "[domain-name:value = 'com-access-account-limit.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b09-91c0-40e0-9d89-48f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:57.000Z",
"modified": "2017-06-22T09:16:57.000Z",
"first_observed": "2017-06-22T09:16:57Z",
"last_observed": "2017-06-22T09:16:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f",
"ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f",
"dst_ref": "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f",
"value": "195.20.50.201"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b09-8844-4440-9fbe-4210950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:57.000Z",
"modified": "2017-06-22T09:16:57.000Z",
"pattern": "[domain-name:value = 'com-access-account-limit.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0a-418c-44b5-8a11-4f20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:58.000Z",
"modified": "2017-06-22T09:16:58.000Z",
"pattern": "[domain-name:value = 'com-access-account-limit.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0a-f688-485a-b888-4d29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:58.000Z",
"modified": "2017-06-22T09:16:58.000Z",
"pattern": "[domain-name:value = 'com-access-account-update.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0a-f2ac-4106-8343-449d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:58.000Z",
"modified": "2017-06-22T09:16:58.000Z",
"pattern": "[domain-name:value = 'com-access-account-update.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0b-a974-4d27-9dee-4217950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:59.000Z",
"modified": "2017-06-22T09:16:59.000Z",
"pattern": "[domain-name:value = 'com-access-account-update.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0b-32a4-4b68-999a-448b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:59.000Z",
"modified": "2017-06-22T09:16:59.000Z",
"pattern": "[domain-name:value = 'com-access-unlock-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0b-d1bc-475d-8669-4410950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:59.000Z",
"modified": "2017-06-22T09:16:59.000Z",
"pattern": "[domain-name:value = 'com-access-update-account.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0b-197c-404b-901e-4bf7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:16:59.000Z",
"modified": "2017-06-22T09:16:59.000Z",
"pattern": "[domain-name:value = 'com-access-update-information-account.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:16:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b0c-5084-4296-b4c7-4e86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:00.000Z",
"modified": "2017-06-22T09:17:00.000Z",
"first_observed": "2017-06-22T09:17:00Z",
"last_observed": "2017-06-22T09:17:00Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f",
"ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f",
"dst_ref": "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f",
"value": "195.20.51.31"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0c-20a8-43cd-9b19-4538950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:00.000Z",
"modified": "2017-06-22T09:17:00.000Z",
"pattern": "[domain-name:value = 'com-access-update-information-account.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0c-a67c-4023-ab0f-4601950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:00.000Z",
"modified": "2017-06-22T09:17:00.000Z",
"pattern": "[domain-name:value = 'com-access-update-limits-account.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0c-7100-4c58-8afd-4aac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:00.000Z",
"modified": "2017-06-22T09:17:00.000Z",
"pattern": "[domain-name:value = 'com-access-update-limits-account.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0d-8c2c-48c0-923f-4c08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:01.000Z",
"modified": "2017-06-22T09:17:01.000Z",
"pattern": "[domain-name:value = 'com-idicloud-issues-login-from-other-device-please-chek.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0d-c164-449f-b30e-4a7d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:01.000Z",
"modified": "2017-06-22T09:17:01.000Z",
"pattern": "[domain-name:value = 'com-update-account-notifications.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0d-056c-4b71-8ca1-48b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:01.000Z",
"modified": "2017-06-22T09:17:01.000Z",
"pattern": "[domain-name:value = 'com-update-account-notifications.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0e-3734-437b-878c-44ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:02.000Z",
"modified": "2017-06-22T09:17:02.000Z",
"pattern": "[domain-name:value = 'com-update-accounts.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0e-84b8-4090-8003-43f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:02.000Z",
"modified": "2017-06-22T09:17:02.000Z",
"pattern": "[domain-name:value = 'com-update-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0e-21cc-4298-996e-4bc8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:02.000Z",
"modified": "2017-06-22T09:17:02.000Z",
"pattern": "[domain-name:value = 'configureservicebillinginformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0f-3d0c-4784-afd0-4178950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:03.000Z",
"modified": "2017-06-22T09:17:03.000Z",
"pattern": "[domain-name:value = 'configureservicebillinginformationwebapps.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b0f-4b18-446b-aa67-4d29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:03.000Z",
"modified": "2017-06-22T09:17:03.000Z",
"pattern": "[domain-name:value = 'confirmation-infomation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b10-b4d4-4732-b527-4144950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:04.000Z",
"modified": "2017-06-22T09:17:04.000Z",
"first_observed": "2017-06-22T09:17:04Z",
"last_observed": "2017-06-22T09:17:04Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b10-b4d4-4732-b527-4144950d210f",
"ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b10-b4d4-4732-b527-4144950d210f",
"dst_ref": "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f",
"value": "45.33.9.234"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b10-a498-4572-b2a9-4e4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:04.000Z",
"modified": "2017-06-22T09:17:04.000Z",
"pattern": "[domain-name:value = 'confirmation-secure.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b11-d0e8-4489-9e6e-4860950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:05.000Z",
"modified": "2017-06-22T09:17:05.000Z",
"pattern": "[domain-name:value = 'confirmation-services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b11-1950-43ba-9061-41c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:05.000Z",
"modified": "2017-06-22T09:17:05.000Z",
"pattern": "[domain-name:value = 'confirmation-transaction.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b11-9ee0-4aef-82b1-4b1f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:05.000Z",
"modified": "2017-06-22T09:17:05.000Z",
"pattern": "[domain-name:value = 'helpserviceinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b11-0b1c-493e-b42b-4950950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:05.000Z",
"modified": "2017-06-22T09:17:05.000Z",
"pattern": "[domain-name:value = 'payment-cancellation-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b12-1ac4-4c2a-87c9-44bb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:06.000Z",
"modified": "2017-06-22T09:17:06.000Z",
"pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--594b8b12-acf0-463b-824f-47e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:06.000Z",
"modified": "2017-06-22T09:17:06.000Z",
"first_observed": "2017-06-22T09:17:06Z",
"last_observed": "2017-06-22T09:17:06Z",
"number_observed": 1,
"object_refs": [
"network-traffic--594b8b12-acf0-463b-824f-47e5950d210f",
"ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--594b8b12-acf0-463b-824f-47e5950d210f",
"dst_ref": "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f",
"value": "89.189.197.18"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b12-5678-4bcd-8361-4d30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:06.000Z",
"modified": "2017-06-22T09:17:06.000Z",
"pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b13-9f50-4055-a9f0-40a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:07.000Z",
"modified": "2017-06-22T09:17:07.000Z",
"pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b13-9bfc-4353-ba18-4b97950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:07.000Z",
"modified": "2017-06-22T09:17:07.000Z",
"pattern": "[domain-name:value = 'paypal.com.access-update-limit-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b13-33b0-4cc4-8c07-4f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:07.000Z",
"modified": "2017-06-22T09:17:07.000Z",
"pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b13-15a4-4d48-9e65-4a60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:07.000Z",
"modified": "2017-06-22T09:17:07.000Z",
"pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b14-4a5c-4a0c-9413-49a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:08.000Z",
"modified": "2017-06-22T09:17:08.000Z",
"pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b14-0d88-4e48-9d60-48e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:08.000Z",
"modified": "2017-06-22T09:17:08.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-account-limit.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b14-1c88-482a-9995-4a0b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:08.000Z",
"modified": "2017-06-22T09:17:08.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-account-limit.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b14-eabc-4771-adf2-419d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:08.000Z",
"modified": "2017-06-22T09:17:08.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-account-limit.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b15-9d7c-4323-9fed-478e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:09.000Z",
"modified": "2017-06-22T09:17:09.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-account-limit.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b15-67bc-474c-b1cb-4d26950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:09.000Z",
"modified": "2017-06-22T09:17:09.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-account-limit.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b15-0eb0-4b63-b6f5-4545950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:09.000Z",
"modified": "2017-06-22T09:17:09.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-account.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b15-955c-4299-a550-4aa7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:09.000Z",
"modified": "2017-06-22T09:17:09.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-account.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b16-02fc-4e9b-8630-42e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:10.000Z",
"modified": "2017-06-22T09:17:10.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-accounts.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b16-25c0-4c78-9668-4363950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:10.000Z",
"modified": "2017-06-22T09:17:10.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-accounts.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b16-d71c-42e9-86d7-4c28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:10.000Z",
"modified": "2017-06-22T09:17:10.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-accounts.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b16-d2c8-4a34-a68a-4500950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:10.000Z",
"modified": "2017-06-22T09:17:10.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b17-dac4-471f-9360-4ab8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:11.000Z",
"modified": "2017-06-22T09:17:11.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-info-account.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b17-b9f8-44f4-854f-4406950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:11.000Z",
"modified": "2017-06-22T09:17:11.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b17-ee20-44ce-9abe-4707950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:11.000Z",
"modified": "2017-06-22T09:17:11.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b17-3e14-4b9a-ab9b-4d38950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:11.000Z",
"modified": "2017-06-22T09:17:11.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b18-b430-4c5d-bc51-448a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:12.000Z",
"modified": "2017-06-22T09:17:12.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b18-a084-407b-b657-45a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:12.000Z",
"modified": "2017-06-22T09:17:12.000Z",
"pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b18-0c14-41f6-8df4-48e2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:12.000Z",
"modified": "2017-06-22T09:17:12.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-account-notifications.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b18-3ee0-4df1-9449-4635950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:12.000Z",
"modified": "2017-06-22T09:17:12.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-account-notifications.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b19-224c-44b9-952a-4002950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:13.000Z",
"modified": "2017-06-22T09:17:13.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-account-notifications.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b19-d2b4-4f28-98a4-46dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:13.000Z",
"modified": "2017-06-22T09:17:13.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-account-notifications.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b19-fe10-491c-9e90-4255950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:13.000Z",
"modified": "2017-06-22T09:17:13.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-accounts.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1a-1a34-431d-aaf3-4ebd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:14.000Z",
"modified": "2017-06-22T09:17:14.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-accounts.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1a-d7b0-482a-9c99-4341950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:14.000Z",
"modified": "2017-06-22T09:17:14.000Z",
"pattern": "[domain-name:value = 'paypal.com-update-accounts.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1a-7f04-426c-9ee5-4bc9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:14.000Z",
"modified": "2017-06-22T09:17:14.000Z",
"pattern": "[domain-name:value = 'redirect-to-secure.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1b-6ce4-430c-b5fd-488a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:15.000Z",
"modified": "2017-06-22T09:17:15.000Z",
"pattern": "[domain-name:value = 'redirect-to-secure.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1c-0b88-4379-ade9-483b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:16.000Z",
"modified": "2017-06-22T09:17:16.000Z",
"pattern": "[domain-name:value = 'redirect-to-secure.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1c-d014-482e-be37-4422950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:16.000Z",
"modified": "2017-06-22T09:17:16.000Z",
"pattern": "[domain-name:value = 'redirect-to-summary.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1c-79f8-4940-9dcd-4127950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:16.000Z",
"modified": "2017-06-22T09:17:16.000Z",
"pattern": "[domain-name:value = 'redirect-to-summary.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1d-98c0-4277-8466-47db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:17.000Z",
"modified": "2017-06-22T09:17:17.000Z",
"pattern": "[domain-name:value = 'redirect-to-update.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1d-5ae0-4975-bcf6-4037950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:17.000Z",
"modified": "2017-06-22T09:17:17.000Z",
"pattern": "[domain-name:value = 'redirect-to-update.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1d-8ebc-4c37-bbfa-4e4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:17.000Z",
"modified": "2017-06-22T09:17:17.000Z",
"pattern": "[domain-name:value = 'refundable-payment-cancel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1e-3c04-491d-8317-4564950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:18.000Z",
"modified": "2017-06-22T09:17:18.000Z",
"pattern": "[domain-name:value = 'refundable-payment-client.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1e-12d8-4ae5-9c85-4f89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:18.000Z",
"modified": "2017-06-22T09:17:18.000Z",
"pattern": "[domain-name:value = 'refundable-payment-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1e-7fa0-46b1-a7e7-45fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:18.000Z",
"modified": "2017-06-22T09:17:18.000Z",
"pattern": "[domain-name:value = 'refund-payment-client.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1e-d054-484b-81fc-4dfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:18.000Z",
"modified": "2017-06-22T09:17:18.000Z",
"pattern": "[domain-name:value = 'refund-payment-order.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1f-1d88-44a7-a5c5-40b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:19.000Z",
"modified": "2017-06-22T09:17:19.000Z",
"pattern": "[domain-name:value = 'security-linked.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1f-cf48-4d9e-9b15-4564950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:19.000Z",
"modified": "2017-06-22T09:17:19.000Z",
"pattern": "[domain-name:value = 'security-linked.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1f-a50c-47c0-87fb-4e17950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:19.000Z",
"modified": "2017-06-22T09:17:19.000Z",
"pattern": "[domain-name:value = 'security-linked.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b1f-2550-4fdf-a844-4b3c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:19.000Z",
"modified": "2017-06-22T09:17:19.000Z",
"pattern": "[domain-name:value = 'security-measure.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b20-c6a4-4365-b689-4773950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:20.000Z",
"modified": "2017-06-22T09:17:20.000Z",
"pattern": "[domain-name:value = 'security-measure.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b20-a978-4693-aa5c-4449950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:20.000Z",
"modified": "2017-06-22T09:17:20.000Z",
"pattern": "[domain-name:value = 'security-measure.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b20-13a4-4e7b-b002-4e62950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:20.000Z",
"modified": "2017-06-22T09:17:20.000Z",
"pattern": "[domain-name:value = 'service-ppay.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b21-d364-4282-81bd-4f17950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:21.000Z",
"modified": "2017-06-22T09:17:21.000Z",
"pattern": "[domain-name:value = 'servicewebappsinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b21-c264-4f41-bdf3-49c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:21.000Z",
"modified": "2017-06-22T09:17:21.000Z",
"pattern": "[domain-name:value = 'squad-elipsce-line.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b22-9374-4ebb-9d41-45b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:22.000Z",
"modified": "2017-06-22T09:17:22.000Z",
"pattern": "[domain-name:value = 'user-inc-activation.ga']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b22-6d6c-4528-8164-4527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:22.000Z",
"modified": "2017-06-22T09:17:22.000Z",
"pattern": "[domain-name:value = 'websitesigninserviceinformation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b23-cb00-4290-992f-479f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:23.000Z",
"modified": "2017-06-22T09:17:23.000Z",
"pattern": "[domain-name:value = 'www.confirmation-infomation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b8b23-726c-4642-a32c-4d0f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-22T09:17:23.000Z",
"modified": "2017-06-22T09:17:23.000Z",
"pattern": "[domain-name:value = 'www.confirmation-services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-22T09:17:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink