adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/59ba873e-5c9c-4b00-9c3b-422d950d210f.json

6574 lines
261 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--59ba873e-5c9c-4b00-9c3b-422d950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T14:57:06.000Z",
"modified": "2017-09-14T14:57:06.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59ba873e-5c9c-4b00-9c3b-422d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T14:57:06.000Z",
"modified": "2017-09-14T14:57:06.000Z",
"name": "M2M - Locky 2017-09-14 : Affid=3, \".lukitus\" : \"Copy of Invoice 12345\" - /invoice.html links",
"published": "2017-09-14T14:57:52Z",
"object_refs": [
"indicator--59ba873e-35cc-49cc-80f5-140f950d210f",
"indicator--59ba873f-39fc-4836-8de7-4206950d210f",
"indicator--59ba873f-e99c-47cc-97c1-4ae6950d210f",
"indicator--59ba873f-1980-4787-9e61-4c6c950d210f",
"indicator--59ba8740-ca00-40c2-beaf-4ce5950d210f",
"indicator--59ba8740-7710-4ab5-843b-140f950d210f",
"observed-data--59ba8740-b544-4241-9e22-4d70950d210f",
"network-traffic--59ba8740-b544-4241-9e22-4d70950d210f",
"ipv4-addr--59ba8740-b544-4241-9e22-4d70950d210f",
"indicator--59ba8741-7ccc-485c-80ab-1630950d210f",
"indicator--59ba8741-44bc-4095-83aa-1686950d210f",
"observed-data--59ba8742-a16c-44bc-ae3c-140f950d210f",
"network-traffic--59ba8742-a16c-44bc-ae3c-140f950d210f",
"ipv4-addr--59ba8742-a16c-44bc-ae3c-140f950d210f",
"indicator--59ba8742-79ec-4e9a-8b3d-4ce3950d210f",
"indicator--59ba8742-78bc-4a3e-8b2f-4e74950d210f",
"observed-data--59ba8742-6584-4d31-bc96-4c70950d210f",
"network-traffic--59ba8742-6584-4d31-bc96-4c70950d210f",
"ipv4-addr--59ba8742-6584-4d31-bc96-4c70950d210f",
"indicator--59ba8743-ca94-45e3-b598-4e87950d210f",
"indicator--59ba8743-3b94-4bb5-9caf-1630950d210f",
"observed-data--59ba8743-a60c-4782-9d33-1686950d210f",
"network-traffic--59ba8743-a60c-4782-9d33-1686950d210f",
"ipv4-addr--59ba8743-a60c-4782-9d33-1686950d210f",
"indicator--59ba8743-7640-4180-9208-43bd950d210f",
"indicator--59ba8744-3da4-4ba2-8575-140f950d210f",
"observed-data--59ba8744-192c-4f12-abf8-4129950d210f",
"network-traffic--59ba8744-192c-4f12-abf8-4129950d210f",
"ipv4-addr--59ba8744-192c-4f12-abf8-4129950d210f",
"indicator--59ba8744-6df8-40da-970e-49d0950d210f",
"indicator--59ba8744-e40c-4eee-883a-4199950d210f",
"observed-data--59ba8745-0d0c-4f14-a808-1527950d210f",
"network-traffic--59ba8745-0d0c-4f14-a808-1527950d210f",
"ipv4-addr--59ba8745-0d0c-4f14-a808-1527950d210f",
"indicator--59ba8745-c5b4-4df1-89e4-1686950d210f",
"indicator--59ba8745-d8e0-485b-a3ca-44ca950d210f",
"observed-data--59ba8746-2374-4a47-9bf0-140f950d210f",
"network-traffic--59ba8746-2374-4a47-9bf0-140f950d210f",
"ipv4-addr--59ba8746-2374-4a47-9bf0-140f950d210f",
"indicator--59ba8746-eb80-4fd3-bad4-4958950d210f",
"indicator--59ba8746-d550-483a-9bd3-4034950d210f",
"observed-data--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"network-traffic--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"ipv4-addr--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"indicator--59ba8747-1138-454d-af10-4cb0950d210f",
"indicator--59ba8747-c2ec-4bbe-89ff-4e8b950d210f",
"observed-data--59ba8747-c818-4f7f-87a8-4b85950d210f",
"network-traffic--59ba8747-c818-4f7f-87a8-4b85950d210f",
"ipv4-addr--59ba8747-c818-4f7f-87a8-4b85950d210f",
"indicator--59ba8748-de78-47b9-878f-151a950d210f",
"indicator--59ba8748-a170-48e7-b7fc-4957950d210f",
"observed-data--59ba8748-a3a8-4d1e-9655-4679950d210f",
"network-traffic--59ba8748-a3a8-4d1e-9655-4679950d210f",
"ipv4-addr--59ba8748-a3a8-4d1e-9655-4679950d210f",
"indicator--59ba8748-efd4-484d-869b-4219950d210f",
"indicator--59ba8748-3da8-44bd-b561-44da950d210f",
"observed-data--59ba8749-5d34-4ca1-9df2-1686950d210f",
"network-traffic--59ba8749-5d34-4ca1-9df2-1686950d210f",
"ipv4-addr--59ba8749-5d34-4ca1-9df2-1686950d210f",
"indicator--59ba8749-bd20-4300-a566-45fb950d210f",
"indicator--59ba8749-35bc-4640-b9f5-4ae5950d210f",
"observed-data--59ba874a-92ec-4669-90df-151a950d210f",
"network-traffic--59ba874a-92ec-4669-90df-151a950d210f",
"ipv4-addr--59ba874a-92ec-4669-90df-151a950d210f",
"indicator--59ba874a-580c-4022-86ab-4a86950d210f",
"indicator--59ba874a-bc2c-437a-8cb4-4397950d210f",
"observed-data--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"network-traffic--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"ipv4-addr--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"indicator--59ba874a-bf34-416a-9a1f-1527950d210f",
"indicator--59ba874b-aaac-4e2d-98f8-4025950d210f",
"observed-data--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"network-traffic--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"ipv4-addr--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"indicator--59ba874b-3460-43db-bd03-140f950d210f",
"indicator--59ba874b-8958-427a-8bd6-499f950d210f",
"observed-data--59ba874c-f2e4-4270-9797-4526950d210f",
"network-traffic--59ba874c-f2e4-4270-9797-4526950d210f",
"ipv4-addr--59ba874c-f2e4-4270-9797-4526950d210f",
"indicator--59ba874c-34c8-4054-8f8d-48b8950d210f",
"indicator--59ba874c-1044-43ff-a6e3-4163950d210f",
"observed-data--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"network-traffic--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"ipv4-addr--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"indicator--59ba874d-f424-49ba-a063-1686950d210f",
"indicator--59ba874d-04e0-45f3-a37e-4525950d210f",
"observed-data--59ba874d-1f58-4a6e-9796-140f950d210f",
"network-traffic--59ba874d-1f58-4a6e-9796-140f950d210f",
"ipv4-addr--59ba874d-1f58-4a6e-9796-140f950d210f",
"indicator--59ba874d-3b60-4d60-a763-4515950d210f",
"indicator--59ba874e-2a38-4b02-8ffe-151a950d210f",
"observed-data--59ba874e-ae10-4850-a52d-4c8c950d210f",
"network-traffic--59ba874e-ae10-4850-a52d-4c8c950d210f",
"ipv4-addr--59ba874e-ae10-4850-a52d-4c8c950d210f",
"indicator--59ba874e-67a4-4abb-a3ee-4420950d210f",
"indicator--59ba874e-a8b4-4304-8bf3-453c950d210f",
"observed-data--59ba874f-cb48-4044-b534-1686950d210f",
"network-traffic--59ba874f-cb48-4044-b534-1686950d210f",
"ipv4-addr--59ba874f-cb48-4044-b534-1686950d210f",
"indicator--59ba874f-04d4-4a62-9672-45d7950d210f",
"indicator--59ba874f-51c8-47b9-9fec-140f950d210f",
"observed-data--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"network-traffic--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"ipv4-addr--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"indicator--59ba8750-d36c-4ffd-a610-151a950d210f",
"indicator--59ba8750-6e40-48b9-8e3d-4d00950d210f",
"observed-data--59ba8751-f418-49bc-9946-41f5950d210f",
"network-traffic--59ba8751-f418-49bc-9946-41f5950d210f",
"ipv4-addr--59ba8751-f418-49bc-9946-41f5950d210f",
"indicator--59ba8751-333c-47ad-8415-1686950d210f",
"indicator--59ba8751-90e0-429b-affc-4a84950d210f",
"observed-data--59ba8752-b674-4299-b4a7-4d53950d210f",
"network-traffic--59ba8752-b674-4299-b4a7-4d53950d210f",
"ipv4-addr--59ba8752-b674-4299-b4a7-4d53950d210f",
"indicator--59ba8752-07ec-4831-9b1c-4439950d210f",
"indicator--59ba8752-c15c-47b3-bc2b-425b950d210f",
"indicator--59ba8752-5d54-432a-a329-4c3f950d210f",
"indicator--59ba8753-14f4-4b17-bbb4-453a950d210f",
"observed-data--59ba8753-c86c-4621-9f8e-43cc950d210f",
"network-traffic--59ba8753-c86c-4621-9f8e-43cc950d210f",
"ipv4-addr--59ba8753-c86c-4621-9f8e-43cc950d210f",
"indicator--59ba8753-73e8-4dce-91e8-1686950d210f",
"indicator--59ba8753-5484-477c-83a1-49d7950d210f",
"observed-data--59ba8753-d4fc-467f-afec-4966950d210f",
"network-traffic--59ba8753-d4fc-467f-afec-4966950d210f",
"ipv4-addr--59ba8753-d4fc-467f-afec-4966950d210f",
"indicator--59ba8754-8abc-4055-b601-47b1950d210f",
"indicator--59ba8754-a6b4-46d7-890a-49f6950d210f",
"observed-data--59ba8754-561c-4175-ad13-488d950d210f",
"network-traffic--59ba8754-561c-4175-ad13-488d950d210f",
"ipv4-addr--59ba8754-561c-4175-ad13-488d950d210f",
"indicator--59ba8754-8edc-4a1c-9082-44c2950d210f",
"indicator--59ba8754-b918-4bb6-9633-41cb950d210f",
"observed-data--59ba8755-a904-465b-9544-1527950d210f",
"network-traffic--59ba8755-a904-465b-9544-1527950d210f",
"ipv4-addr--59ba8755-a904-465b-9544-1527950d210f",
"indicator--59ba8755-8e74-4368-9eeb-4c0c950d210f",
"indicator--59ba8755-9664-46cb-aef6-4b1b950d210f",
"observed-data--59ba8755-e494-4962-830c-47a9950d210f",
"network-traffic--59ba8755-e494-4962-830c-47a9950d210f",
"ipv4-addr--59ba8755-e494-4962-830c-47a9950d210f",
"indicator--59ba8756-9fb0-4a9a-9230-4d4e950d210f",
"indicator--59ba8756-e780-460a-b4be-484d950d210f",
"observed-data--59ba8756-f4ac-44ef-b579-151a950d210f",
"network-traffic--59ba8756-f4ac-44ef-b579-151a950d210f",
"ipv4-addr--59ba8756-f4ac-44ef-b579-151a950d210f",
"indicator--59ba8756-3fb8-444d-ba9c-42cb950d210f",
"indicator--59ba8756-0b0c-41c4-9635-4cc1950d210f",
"observed-data--59ba8759-a334-4593-b4ec-4a98950d210f",
"network-traffic--59ba8759-a334-4593-b4ec-4a98950d210f",
"ipv4-addr--59ba8759-a334-4593-b4ec-4a98950d210f",
"indicator--59ba8759-fac8-4898-8ee4-4c83950d210f",
"indicator--59ba8759-2ba8-4e23-ae9c-403f950d210f",
"observed-data--59ba8759-2764-44ce-8faf-4657950d210f",
"network-traffic--59ba8759-2764-44ce-8faf-4657950d210f",
"ipv4-addr--59ba8759-2764-44ce-8faf-4657950d210f",
"indicator--59ba875a-c758-41b3-b30c-42f8950d210f",
"indicator--59ba875a-9e5c-4266-874e-4189950d210f",
"observed-data--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"network-traffic--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"ipv4-addr--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"indicator--59ba875b-2374-469b-b37c-4960950d210f",
"indicator--59ba875b-0438-46cc-8a65-4284950d210f",
"observed-data--59ba875b-d478-4688-a684-433a950d210f",
"network-traffic--59ba875b-d478-4688-a684-433a950d210f",
"ipv4-addr--59ba875b-d478-4688-a684-433a950d210f",
"indicator--59ba875b-b0e4-4666-8cb4-1686950d210f",
"indicator--59ba875b-ba3c-4d94-be59-40ed950d210f",
"observed-data--59ba875b-bda0-4e0f-8022-4250950d210f",
"network-traffic--59ba875b-bda0-4e0f-8022-4250950d210f",
"ipv4-addr--59ba875b-bda0-4e0f-8022-4250950d210f",
"indicator--59ba875c-eae0-4ae6-bed1-4092950d210f",
"indicator--59ba875c-dae8-43c9-a93b-4a75950d210f",
"observed-data--59ba875c-4cf0-46fd-92d4-478c950d210f",
"network-traffic--59ba875c-4cf0-46fd-92d4-478c950d210f",
"ipv4-addr--59ba875c-4cf0-46fd-92d4-478c950d210f",
"indicator--59ba875c-d278-40eb-b992-4586950d210f",
"indicator--59ba875c-60e8-4e1c-99df-4961950d210f",
"observed-data--59ba875d-5530-4a6f-b96e-1686950d210f",
"network-traffic--59ba875d-5530-4a6f-b96e-1686950d210f",
"ipv4-addr--59ba875d-5530-4a6f-b96e-1686950d210f",
"indicator--59ba875d-1d4c-4195-8033-4407950d210f",
"indicator--59ba875d-3514-41f2-bfc6-478d950d210f",
"observed-data--59ba875e-20a4-4e27-83ac-4cba950d210f",
"network-traffic--59ba875e-20a4-4e27-83ac-4cba950d210f",
"ipv4-addr--59ba875e-20a4-4e27-83ac-4cba950d210f",
"indicator--59ba875e-4278-48aa-b6ac-140f950d210f",
"indicator--59ba875e-e5a0-482e-9fd7-4a3d950d210f",
"observed-data--59ba875f-6c08-43a4-a54a-4478950d210f",
"network-traffic--59ba875f-6c08-43a4-a54a-4478950d210f",
"ipv4-addr--59ba875f-6c08-43a4-a54a-4478950d210f",
"indicator--59ba875f-a814-48dc-89f7-4d69950d210f",
"indicator--59ba875f-b7e4-48a1-9c63-1527950d210f",
"observed-data--59ba8760-30d4-42e6-8dde-140f950d210f",
"network-traffic--59ba8760-30d4-42e6-8dde-140f950d210f",
"ipv4-addr--59ba8760-30d4-42e6-8dde-140f950d210f",
"indicator--59ba8760-1304-45ab-9106-44de950d210f",
"indicator--59ba8760-77fc-4c8a-883e-151a950d210f",
"observed-data--59ba8761-2a04-47a9-8ffc-4933950d210f",
"network-traffic--59ba8761-2a04-47a9-8ffc-4933950d210f",
"ipv4-addr--59ba8761-2a04-47a9-8ffc-4933950d210f",
"indicator--59ba8761-daa4-456a-a44f-1527950d210f",
"indicator--59ba8761-6290-4590-be5f-1686950d210f",
"observed-data--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"network-traffic--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"ipv4-addr--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"indicator--59ba8762-c054-44be-a66b-140f950d210f",
"indicator--59ba8762-f25c-4fdd-afad-4d02950d210f",
"observed-data--59ba8762-b044-4deb-b975-4f30950d210f",
"network-traffic--59ba8762-b044-4deb-b975-4f30950d210f",
"ipv4-addr--59ba8762-b044-4deb-b975-4f30950d210f",
"indicator--59ba8762-10c0-411e-a390-4d65950d210f",
"indicator--59ba8763-5014-45ba-9123-4d7e950d210f",
"observed-data--59ba8763-fa20-4083-b634-1686950d210f",
"network-traffic--59ba8763-fa20-4083-b634-1686950d210f",
"ipv4-addr--59ba8763-fa20-4083-b634-1686950d210f",
"indicator--59ba8763-e234-4813-b725-4ba2950d210f",
"indicator--59ba8763-9d40-4dd8-bd8d-140f950d210f",
"observed-data--59ba8764-55f4-42b0-9b32-4792950d210f",
"network-traffic--59ba8764-55f4-42b0-9b32-4792950d210f",
"ipv4-addr--59ba8764-55f4-42b0-9b32-4792950d210f",
"indicator--59ba8764-8a80-4ba4-be2d-413a950d210f",
"indicator--59ba8764-b638-445d-a797-151a950d210f",
"observed-data--59ba8765-7388-4b48-9215-403d950d210f",
"network-traffic--59ba8765-7388-4b48-9215-403d950d210f",
"ipv4-addr--59ba8765-7388-4b48-9215-403d950d210f",
"indicator--59ba8765-1fb0-46fd-8ec1-1527950d210f",
"indicator--59ba8765-9b48-47e4-9207-4f31950d210f",
"observed-data--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"network-traffic--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"ipv4-addr--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"indicator--59ba8765-871c-4d80-ad36-4f89950d210f",
"indicator--59ba8766-fca0-4828-bb21-4e5f950d210f",
"observed-data--59ba8766-fcf0-43af-85d3-151a950d210f",
"network-traffic--59ba8766-fcf0-43af-85d3-151a950d210f",
"ipv4-addr--59ba8766-fcf0-43af-85d3-151a950d210f",
"indicator--59ba8766-3054-4857-bca5-46a7950d210f",
"indicator--59ba8766-ed80-4a57-9009-419b950d210f",
"observed-data--59ba8767-e20c-4a13-b347-1686950d210f",
"network-traffic--59ba8767-e20c-4a13-b347-1686950d210f",
"ipv4-addr--59ba8767-e20c-4a13-b347-1686950d210f",
"indicator--59ba8767-8e1c-46c0-aa78-4473950d210f",
"indicator--59ba8767-0080-4a4c-9afb-140f950d210f",
"observed-data--59ba8767-a610-4412-880e-45e4950d210f",
"network-traffic--59ba8767-a610-4412-880e-45e4950d210f",
"ipv4-addr--59ba8767-a610-4412-880e-45e4950d210f",
"indicator--59ba8767-738c-4da4-a5c3-47e1950d210f",
"indicator--59ba8768-8f24-465a-ae55-4f2e950d210f",
"observed-data--59ba8769-beac-44ca-a2d4-1686950d210f",
"network-traffic--59ba8769-beac-44ca-a2d4-1686950d210f",
"ipv4-addr--59ba8769-beac-44ca-a2d4-1686950d210f",
"indicator--59ba8769-b948-4d31-a7ca-4b13950d210f",
"indicator--59ba8769-f958-4b26-b097-140f950d210f",
"indicator--59ba876b-bd50-404d-93a9-4f19950d210f",
"indicator--59ba876b-c408-4327-8b58-4645950d210f",
"observed-data--59ba876c-cb80-4e7a-b67f-1686950d210f",
"network-traffic--59ba876c-cb80-4e7a-b67f-1686950d210f",
"ipv4-addr--59ba876c-cb80-4e7a-b67f-1686950d210f",
"indicator--59ba876c-2020-4ce1-a198-47b4950d210f",
"indicator--59ba876c-5460-4199-bc4a-140f950d210f",
"observed-data--59ba876c-85c4-46b7-94fb-4bca950d210f",
"network-traffic--59ba876c-85c4-46b7-94fb-4bca950d210f",
"ipv4-addr--59ba876c-85c4-46b7-94fb-4bca950d210f",
"indicator--59ba876c-84c4-4e7a-a406-4847950d210f",
"indicator--59ba876d-fec4-4ec7-9424-4b32950d210f",
"indicator--59ba876d-ec64-4c14-b3b3-1527950d210f",
"indicator--59ba876d-0d94-48a7-964b-4605950d210f",
"indicator--59ba876e-0360-479d-acc2-4735950d210f",
"indicator--59ba876e-4998-484a-97e2-4096950d210f",
"indicator--59ba876f-71d4-4990-92a1-4fc4950d210f",
"indicator--59ba876f-96c8-47b6-b319-1527950d210f",
"indicator--59ba8770-e7dc-4735-9c60-4a5b950d210f",
"indicator--59ba8770-3228-4cf8-8362-410d950d210f",
"indicator--59ba8770-a1f4-4017-825c-4d71950d210f",
"indicator--59ba8771-b1d4-4b94-be7d-4a42950d210f",
"indicator--59ba8771-e888-4167-a6d0-1527950d210f",
"indicator--59ba8772-77a8-435d-b54c-435a950d210f",
"indicator--59ba8772-3e30-4f4f-9214-4cff950d210f",
"indicator--59ba8772-34cc-496e-9956-4a92950d210f",
"indicator--59ba8773-83e0-4f8f-81a4-415b950d210f",
"indicator--59ba8773-3374-4aac-9cf0-1527950d210f",
"indicator--59ba8773-4fe4-48f6-ae1d-4038950d210f",
"indicator--59ba8774-4ecc-4fca-a448-4b18950d210f",
"indicator--59ba8774-e564-4a96-bc45-44a4950d210f",
"indicator--59ba8775-26cc-444a-ac34-4d08950d210f",
"indicator--59ba8775-9a98-4fcf-a557-1527950d210f",
"indicator--59ba8775-8f18-407a-b2f1-4b8a950d210f",
"indicator--59ba8776-8bb8-4dfd-b886-44dd950d210f",
"indicator--59ba8776-2268-43dc-b390-4a36950d210f",
"indicator--59ba8776-43e8-409c-8be7-4a48950d210f",
"indicator--59ba8777-9f68-4241-9193-1527950d210f",
"indicator--59ba8777-5ff8-420d-9066-4973950d210f",
"indicator--59ba8778-a78c-49f9-b26b-48c5950d210f",
"indicator--59ba8778-8b1c-4189-86f0-417c950d210f",
"indicator--59ba8778-e3ec-40d1-87ca-4581950d210f",
"indicator--59ba8779-1594-45e2-ad53-1527950d210f",
"indicator--59ba8779-c7b4-45b4-a987-4665950d210f",
"indicator--59ba8779-9470-4de0-b774-4ac1950d210f",
"indicator--59ba877a-42e4-438d-aa55-4e12950d210f",
"indicator--59ba877a-09e8-4156-8437-4222950d210f",
"indicator--59ba877b-dd50-476f-8385-1527950d210f",
"indicator--59ba877b-e674-4c1c-9ce1-405b950d210f",
"indicator--59ba877b-8ae0-44ce-beee-4d90950d210f",
"indicator--59ba877c-42e4-43a0-8d8d-4515950d210f",
"indicator--59ba877c-9ad8-4739-885b-483e950d210f",
"indicator--59ba877d-fa34-409c-8bd8-1527950d210f",
"indicator--59ba877d-f940-4aa7-8045-40aa950d210f",
"observed-data--59ba877d-83fc-4d78-acd8-140f950d210f",
"network-traffic--59ba877d-83fc-4d78-acd8-140f950d210f",
"ipv4-addr--59ba877d-83fc-4d78-acd8-140f950d210f",
"indicator--59ba877d-fdfc-412e-b424-4ba6950d210f",
"indicator--59ba877d-6180-4f2e-9cd9-4394950d210f",
"indicator--59ba877e-d948-4e38-967e-44f7950d210f",
"indicator--59ba877e-8ed4-4715-8ba3-4840950d210f",
"indicator--59ba877f-b01c-486c-935e-1527950d210f",
"indicator--59ba877f-a93c-4352-827e-491d950d210f",
"indicator--59ba877f-3a1c-4b6d-8808-4ed8950d210f",
"observed-data--59ba8780-5944-4e02-b5a3-1527950d210f",
"url--59ba8780-5944-4e02-b5a3-1527950d210f",
"observed-data--59ba8780-9468-4a7a-8733-4e87950d210f",
"network-traffic--59ba8780-9468-4a7a-8733-4e87950d210f",
"ipv4-addr--59ba8780-9468-4a7a-8733-4e87950d210f",
"observed-data--59ba8781-a104-4d3e-b936-140f950d210f",
"url--59ba8781-a104-4d3e-b936-140f950d210f",
"observed-data--59ba8781-9f40-4f23-b785-4413950d210f",
"network-traffic--59ba8781-9f40-4f23-b785-4413950d210f",
"ipv4-addr--59ba8781-9f40-4f23-b785-4413950d210f",
"indicator--59ba8781-8418-4ec7-b737-42c5950d210f",
"indicator--59ba8781-d2f4-4ce2-9020-4857950d210f",
"indicator--59ba8782-a224-4717-b7d7-4a40950d210f",
"indicator--59ba8782-809c-4ade-8f25-151a950d210f",
"indicator--59ba8782-d024-4fa4-b48e-4479950d210f",
"indicator--59ba8782-f488-4be9-b71c-4c4a950d210f",
"indicator--59ba8782-e6b4-46c5-a4d3-4dd6950d210f",
"indicator--59ba8783-4e98-4f3f-aab3-4d20950d210f",
"indicator--59ba8783-5518-42ac-bbae-450b950d210f",
"indicator--59ba8783-fe8c-45a8-995d-4a65950d210f",
"observed-data--59ba8783-6760-4800-aa48-1686950d210f",
"network-traffic--59ba8783-6760-4800-aa48-1686950d210f",
"ipv4-addr--59ba8783-6760-4800-aa48-1686950d210f",
"indicator--59ba8783-fd9c-4073-9b02-1527950d210f",
"indicator--59ba8784-19f0-4a0d-bc83-4da0950d210f",
"indicator--59ba8784-62d4-4273-b5b2-140f950d210f",
"indicator--59ba8784-9724-4e52-9994-4209950d210f",
"indicator--59ba8784-2be0-418e-86d2-452b950d210f",
"indicator--59ba8785-c858-41b1-bcc8-4e14950d210f",
"indicator--59ba8785-c390-4655-b1ab-4eb4950d210f",
"indicator--59ba8785-9930-4bfd-910e-151a950d210f",
"indicator--59ba8786-8f94-4e3d-9fad-420f950d210f",
"indicator--59ba8786-37d8-4da6-ab69-49ec950d210f",
"indicator--59ba8787-d56c-42b4-930a-451f950d210f",
"indicator--59ba8787-e794-42df-8afd-43c9950d210f",
"indicator--59ba8787-1484-4994-a5b7-46ee950d210f",
"indicator--59ba8787-aaa4-42da-bec0-45f9950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba873e-35cc-49cc-80f5-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:22.000Z",
"modified": "2017-09-14T13:42:22.000Z",
"pattern": "[file:hashes.MD5 = '794389948dfbb33a481314ffef122d94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba873f-39fc-4836-8de7-4206950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:23.000Z",
"modified": "2017-09-14T13:42:23.000Z",
"pattern": "[file:hashes.MD5 = '3d85861c5895e9761ac54a6384b1b6d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba873f-e99c-47cc-97c1-4ae6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:23.000Z",
"modified": "2017-09-14T13:42:23.000Z",
"pattern": "[file:hashes.MD5 = '6d1b4226335c29c83c6818bb80f614ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba873f-1980-4787-9e61-4c6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:23.000Z",
"modified": "2017-09-14T13:42:23.000Z",
"pattern": "[file:hashes.MD5 = '0baa76aff41923c511bb56f88fe949cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8740-ca00-40c2-beaf-4ce5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:24.000Z",
"modified": "2017-09-14T13:42:24.000Z",
"pattern": "[url:value = 'http://109.108.145.100.srvlist.ukfast.net/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8740-7710-4ab5-843b-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:24.000Z",
"modified": "2017-09-14T13:42:24.000Z",
"pattern": "[domain-name:value = '109.108.145.100.srvlist.ukfast.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8740-b544-4241-9e22-4d70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:24.000Z",
"modified": "2017-09-14T13:42:24.000Z",
"first_observed": "2017-09-14T13:42:24Z",
"last_observed": "2017-09-14T13:42:24Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8740-b544-4241-9e22-4d70950d210f",
"ipv4-addr--59ba8740-b544-4241-9e22-4d70950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8740-b544-4241-9e22-4d70950d210f",
"dst_ref": "ipv4-addr--59ba8740-b544-4241-9e22-4d70950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8740-b544-4241-9e22-4d70950d210f",
"value": "109.108.145.100"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8741-7ccc-485c-80ab-1630950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:25.000Z",
"modified": "2017-09-14T13:42:25.000Z",
"pattern": "[url:value = 'http://72.4f.354a.static.theplanet.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8741-44bc-4095-83aa-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:25.000Z",
"modified": "2017-09-14T13:42:25.000Z",
"pattern": "[domain-name:value = '72.4f.354a.static.theplanet.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8742-a16c-44bc-ae3c-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:26.000Z",
"modified": "2017-09-14T13:42:26.000Z",
"first_observed": "2017-09-14T13:42:26Z",
"last_observed": "2017-09-14T13:42:26Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8742-a16c-44bc-ae3c-140f950d210f",
"ipv4-addr--59ba8742-a16c-44bc-ae3c-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8742-a16c-44bc-ae3c-140f950d210f",
"dst_ref": "ipv4-addr--59ba8742-a16c-44bc-ae3c-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8742-a16c-44bc-ae3c-140f950d210f",
"value": "74.53.79.114"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8742-79ec-4e9a-8b3d-4ce3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:26.000Z",
"modified": "2017-09-14T13:42:26.000Z",
"pattern": "[url:value = 'http://alfixit.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8742-78bc-4a3e-8b2f-4e74950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:26.000Z",
"modified": "2017-09-14T13:42:26.000Z",
"pattern": "[domain-name:value = 'alfixit.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8742-6584-4d31-bc96-4c70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:26.000Z",
"modified": "2017-09-14T13:42:26.000Z",
"first_observed": "2017-09-14T13:42:26Z",
"last_observed": "2017-09-14T13:42:26Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8742-6584-4d31-bc96-4c70950d210f",
"ipv4-addr--59ba8742-6584-4d31-bc96-4c70950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8742-6584-4d31-bc96-4c70950d210f",
"dst_ref": "ipv4-addr--59ba8742-6584-4d31-bc96-4c70950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8742-6584-4d31-bc96-4c70950d210f",
"value": "46.30.213.77"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8743-ca94-45e3-b598-4e87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:27.000Z",
"modified": "2017-09-14T13:42:27.000Z",
"pattern": "[url:value = 'http://altarweddingcars.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8743-3b94-4bb5-9caf-1630950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:27.000Z",
"modified": "2017-09-14T13:42:27.000Z",
"pattern": "[domain-name:value = 'altarweddingcars.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8743-a60c-4782-9d33-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:27.000Z",
"modified": "2017-09-14T13:42:27.000Z",
"first_observed": "2017-09-14T13:42:27Z",
"last_observed": "2017-09-14T13:42:27Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8743-a60c-4782-9d33-1686950d210f",
"ipv4-addr--59ba8743-a60c-4782-9d33-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8743-a60c-4782-9d33-1686950d210f",
"dst_ref": "ipv4-addr--59ba8743-a60c-4782-9d33-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8743-a60c-4782-9d33-1686950d210f",
"value": "193.189.74.92"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8743-7640-4180-9208-43bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:27.000Z",
"modified": "2017-09-14T13:42:27.000Z",
"pattern": "[url:value = 'http://ammann-it.ch/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8744-3da4-4ba2-8575-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:28.000Z",
"modified": "2017-09-14T13:42:28.000Z",
"pattern": "[domain-name:value = 'ammann-it.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8744-192c-4f12-abf8-4129950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:28.000Z",
"modified": "2017-09-14T13:42:28.000Z",
"first_observed": "2017-09-14T13:42:28Z",
"last_observed": "2017-09-14T13:42:28Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8744-192c-4f12-abf8-4129950d210f",
"ipv4-addr--59ba8744-192c-4f12-abf8-4129950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8744-192c-4f12-abf8-4129950d210f",
"dst_ref": "ipv4-addr--59ba8744-192c-4f12-abf8-4129950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8744-192c-4f12-abf8-4129950d210f",
"value": "213.221.215.20"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8744-6df8-40da-970e-49d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:28.000Z",
"modified": "2017-09-14T13:42:28.000Z",
"pattern": "[url:value = 'http://arvinmoti.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8744-e40c-4eee-883a-4199950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:28.000Z",
"modified": "2017-09-14T13:42:28.000Z",
"pattern": "[domain-name:value = 'arvinmoti.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8745-0d0c-4f14-a808-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:29.000Z",
"modified": "2017-09-14T13:42:29.000Z",
"first_observed": "2017-09-14T13:42:29Z",
"last_observed": "2017-09-14T13:42:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8745-0d0c-4f14-a808-1527950d210f",
"ipv4-addr--59ba8745-0d0c-4f14-a808-1527950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8745-0d0c-4f14-a808-1527950d210f",
"dst_ref": "ipv4-addr--59ba8745-0d0c-4f14-a808-1527950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8745-0d0c-4f14-a808-1527950d210f",
"value": "46.30.215.9"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8745-c5b4-4df1-89e4-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:29.000Z",
"modified": "2017-09-14T13:42:29.000Z",
"pattern": "[url:value = 'http://balzantruck.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8745-d8e0-485b-a3ca-44ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:29.000Z",
"modified": "2017-09-14T13:42:29.000Z",
"pattern": "[domain-name:value = 'balzantruck.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8746-2374-4a47-9bf0-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:30.000Z",
"modified": "2017-09-14T13:42:30.000Z",
"first_observed": "2017-09-14T13:42:30Z",
"last_observed": "2017-09-14T13:42:30Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8746-2374-4a47-9bf0-140f950d210f",
"ipv4-addr--59ba8746-2374-4a47-9bf0-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8746-2374-4a47-9bf0-140f950d210f",
"dst_ref": "ipv4-addr--59ba8746-2374-4a47-9bf0-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8746-2374-4a47-9bf0-140f950d210f",
"value": "69.156.240.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8746-eb80-4fd3-bad4-4958950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:30.000Z",
"modified": "2017-09-14T13:42:30.000Z",
"pattern": "[url:value = 'http://bigredsgeneralcontracting.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8746-d550-483a-9bd3-4034950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:30.000Z",
"modified": "2017-09-14T13:42:30.000Z",
"pattern": "[domain-name:value = 'bigredsgeneralcontracting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:31.000Z",
"modified": "2017-09-14T13:42:31.000Z",
"first_observed": "2017-09-14T13:42:31Z",
"last_observed": "2017-09-14T13:42:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"ipv4-addr--59ba8747-edf0-4b6b-8d7a-1527950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"dst_ref": "ipv4-addr--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8747-edf0-4b6b-8d7a-1527950d210f",
"value": "205.234.197.147"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8747-1138-454d-af10-4cb0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:31.000Z",
"modified": "2017-09-14T13:42:31.000Z",
"pattern": "[url:value = 'http://brockmann-buecher.de/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8747-c2ec-4bbe-89ff-4e8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:31.000Z",
"modified": "2017-09-14T13:42:31.000Z",
"pattern": "[domain-name:value = 'brockmann-buecher.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8747-c818-4f7f-87a8-4b85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:31.000Z",
"modified": "2017-09-14T13:42:31.000Z",
"first_observed": "2017-09-14T13:42:31Z",
"last_observed": "2017-09-14T13:42:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8747-c818-4f7f-87a8-4b85950d210f",
"ipv4-addr--59ba8747-c818-4f7f-87a8-4b85950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8747-c818-4f7f-87a8-4b85950d210f",
"dst_ref": "ipv4-addr--59ba8747-c818-4f7f-87a8-4b85950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8747-c818-4f7f-87a8-4b85950d210f",
"value": "85.88.11.74"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8748-de78-47b9-878f-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:32.000Z",
"modified": "2017-09-14T13:42:32.000Z",
"pattern": "[url:value = 'http://comtecav.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8748-a170-48e7-b7fc-4957950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:32.000Z",
"modified": "2017-09-14T13:42:32.000Z",
"pattern": "[domain-name:value = 'comtecav.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8748-a3a8-4d1e-9655-4679950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:32.000Z",
"modified": "2017-09-14T13:42:32.000Z",
"first_observed": "2017-09-14T13:42:32Z",
"last_observed": "2017-09-14T13:42:32Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8748-a3a8-4d1e-9655-4679950d210f",
"ipv4-addr--59ba8748-a3a8-4d1e-9655-4679950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8748-a3a8-4d1e-9655-4679950d210f",
"dst_ref": "ipv4-addr--59ba8748-a3a8-4d1e-9655-4679950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8748-a3a8-4d1e-9655-4679950d210f",
"value": "109.75.166.133"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8748-efd4-484d-869b-4219950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:32.000Z",
"modified": "2017-09-14T13:42:32.000Z",
"pattern": "[url:value = 'http://craigstrong.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8748-3da8-44bd-b561-44da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:32.000Z",
"modified": "2017-09-14T13:42:32.000Z",
"pattern": "[domain-name:value = 'craigstrong.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8749-5d34-4ca1-9df2-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:33.000Z",
"modified": "2017-09-14T13:42:33.000Z",
"first_observed": "2017-09-14T13:42:33Z",
"last_observed": "2017-09-14T13:42:33Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8749-5d34-4ca1-9df2-1686950d210f",
"ipv4-addr--59ba8749-5d34-4ca1-9df2-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8749-5d34-4ca1-9df2-1686950d210f",
"dst_ref": "ipv4-addr--59ba8749-5d34-4ca1-9df2-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8749-5d34-4ca1-9df2-1686950d210f",
"value": "80.82.114.96"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8749-bd20-4300-a566-45fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:33.000Z",
"modified": "2017-09-14T13:42:33.000Z",
"pattern": "[url:value = 'http://danyaanderson.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8749-35bc-4640-b9f5-4ae5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:33.000Z",
"modified": "2017-09-14T13:42:33.000Z",
"pattern": "[domain-name:value = 'danyaanderson.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874a-92ec-4669-90df-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:34.000Z",
"modified": "2017-09-14T13:42:34.000Z",
"first_observed": "2017-09-14T13:42:34Z",
"last_observed": "2017-09-14T13:42:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874a-92ec-4669-90df-151a950d210f",
"ipv4-addr--59ba874a-92ec-4669-90df-151a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874a-92ec-4669-90df-151a950d210f",
"dst_ref": "ipv4-addr--59ba874a-92ec-4669-90df-151a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874a-92ec-4669-90df-151a950d210f",
"value": "64.150.188.63"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874a-580c-4022-86ab-4a86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:34.000Z",
"modified": "2017-09-14T13:42:34.000Z",
"pattern": "[url:value = 'http://epse.pt/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874a-bc2c-437a-8cb4-4397950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:34.000Z",
"modified": "2017-09-14T13:42:34.000Z",
"pattern": "[domain-name:value = 'epse.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:34.000Z",
"modified": "2017-09-14T13:42:34.000Z",
"first_observed": "2017-09-14T13:42:34Z",
"last_observed": "2017-09-14T13:42:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"ipv4-addr--59ba874a-c1e0-4bcc-9896-42c5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"dst_ref": "ipv4-addr--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874a-c1e0-4bcc-9896-42c5950d210f",
"value": "94.46.167.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874a-bf34-416a-9a1f-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:34.000Z",
"modified": "2017-09-14T13:42:34.000Z",
"pattern": "[url:value = 'http://ernestoangiolini.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874b-aaac-4e2d-98f8-4025950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:35.000Z",
"modified": "2017-09-14T13:42:35.000Z",
"pattern": "[domain-name:value = 'ernestoangiolini.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:35.000Z",
"modified": "2017-09-14T13:42:35.000Z",
"first_observed": "2017-09-14T13:42:35Z",
"last_observed": "2017-09-14T13:42:35Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"ipv4-addr--59ba874b-bf78-4ee7-8b5e-4b7c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"dst_ref": "ipv4-addr--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874b-bf78-4ee7-8b5e-4b7c950d210f",
"value": "213.205.38.25"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874b-3460-43db-bd03-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:35.000Z",
"modified": "2017-09-14T13:42:35.000Z",
"pattern": "[url:value = 'http://ethersolutions.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874b-8958-427a-8bd6-499f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:35.000Z",
"modified": "2017-09-14T13:42:35.000Z",
"pattern": "[domain-name:value = 'ethersolutions.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874c-f2e4-4270-9797-4526950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:36.000Z",
"modified": "2017-09-14T13:42:36.000Z",
"first_observed": "2017-09-14T13:42:36Z",
"last_observed": "2017-09-14T13:42:36Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874c-f2e4-4270-9797-4526950d210f",
"ipv4-addr--59ba874c-f2e4-4270-9797-4526950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874c-f2e4-4270-9797-4526950d210f",
"dst_ref": "ipv4-addr--59ba874c-f2e4-4270-9797-4526950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874c-f2e4-4270-9797-4526950d210f",
"value": "77.92.75.1"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874c-34c8-4054-8f8d-48b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:36.000Z",
"modified": "2017-09-14T13:42:36.000Z",
"pattern": "[url:value = 'http://felipedemarco.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874c-1044-43ff-a6e3-4163950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:36.000Z",
"modified": "2017-09-14T13:42:36.000Z",
"pattern": "[domain-name:value = 'felipedemarco.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:36.000Z",
"modified": "2017-09-14T13:42:36.000Z",
"first_observed": "2017-09-14T13:42:36Z",
"last_observed": "2017-09-14T13:42:36Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"ipv4-addr--59ba874c-d870-4c7b-bf5e-41b5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"dst_ref": "ipv4-addr--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874c-d870-4c7b-bf5e-41b5950d210f",
"value": "82.98.139.176"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874d-f424-49ba-a063-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:37.000Z",
"modified": "2017-09-14T13:42:37.000Z",
"pattern": "[url:value = 'http://foleycrosscenter.org/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874d-04e0-45f3-a37e-4525950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:37.000Z",
"modified": "2017-09-14T13:42:37.000Z",
"pattern": "[domain-name:value = 'foleycrosscenter.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874d-1f58-4a6e-9796-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:37.000Z",
"modified": "2017-09-14T13:42:37.000Z",
"first_observed": "2017-09-14T13:42:37Z",
"last_observed": "2017-09-14T13:42:37Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874d-1f58-4a6e-9796-140f950d210f",
"ipv4-addr--59ba874d-1f58-4a6e-9796-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874d-1f58-4a6e-9796-140f950d210f",
"dst_ref": "ipv4-addr--59ba874d-1f58-4a6e-9796-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874d-1f58-4a6e-9796-140f950d210f",
"value": "66.199.174.108"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874d-3b60-4d60-a763-4515950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:37.000Z",
"modified": "2017-09-14T13:42:37.000Z",
"pattern": "[url:value = 'http://formationdirecte.ca/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874e-2a38-4b02-8ffe-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:38.000Z",
"modified": "2017-09-14T13:42:38.000Z",
"pattern": "[domain-name:value = 'formationdirecte.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874e-ae10-4850-a52d-4c8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:38.000Z",
"modified": "2017-09-14T13:42:38.000Z",
"first_observed": "2017-09-14T13:42:38Z",
"last_observed": "2017-09-14T13:42:38Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874e-ae10-4850-a52d-4c8c950d210f",
"ipv4-addr--59ba874e-ae10-4850-a52d-4c8c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874e-ae10-4850-a52d-4c8c950d210f",
"dst_ref": "ipv4-addr--59ba874e-ae10-4850-a52d-4c8c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874e-ae10-4850-a52d-4c8c950d210f",
"value": "24.226.147.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874e-67a4-4abb-a3ee-4420950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:38.000Z",
"modified": "2017-09-14T13:42:38.000Z",
"pattern": "[url:value = 'http://france-vacance.dk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874e-a8b4-4304-8bf3-453c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:38.000Z",
"modified": "2017-09-14T13:42:38.000Z",
"pattern": "[domain-name:value = 'france-vacance.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba874f-cb48-4044-b534-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:39.000Z",
"modified": "2017-09-14T13:42:39.000Z",
"first_observed": "2017-09-14T13:42:39Z",
"last_observed": "2017-09-14T13:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba874f-cb48-4044-b534-1686950d210f",
"ipv4-addr--59ba874f-cb48-4044-b534-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba874f-cb48-4044-b534-1686950d210f",
"dst_ref": "ipv4-addr--59ba874f-cb48-4044-b534-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba874f-cb48-4044-b534-1686950d210f",
"value": "46.30.213.38"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874f-04d4-4a62-9672-45d7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:39.000Z",
"modified": "2017-09-14T13:42:39.000Z",
"pattern": "[url:value = 'http://fredagskoret.dk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba874f-51c8-47b9-9fec-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:39.000Z",
"modified": "2017-09-14T13:42:39.000Z",
"pattern": "[domain-name:value = 'fredagskoret.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:40.000Z",
"modified": "2017-09-14T13:42:40.000Z",
"first_observed": "2017-09-14T13:42:40Z",
"last_observed": "2017-09-14T13:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"ipv4-addr--59ba8750-1ae8-4a14-ac3d-4a2f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"dst_ref": "ipv4-addr--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8750-1ae8-4a14-ac3d-4a2f950d210f",
"value": "46.30.213.31"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8750-d36c-4ffd-a610-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:40.000Z",
"modified": "2017-09-14T13:42:40.000Z",
"pattern": "[url:value = 'http://gpointrecords.bplaced.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8750-6e40-48b9-8e3d-4d00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:40.000Z",
"modified": "2017-09-14T13:42:40.000Z",
"pattern": "[domain-name:value = 'gpointrecords.bplaced.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8751-f418-49bc-9946-41f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:41.000Z",
"modified": "2017-09-14T13:42:41.000Z",
"first_observed": "2017-09-14T13:42:41Z",
"last_observed": "2017-09-14T13:42:41Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8751-f418-49bc-9946-41f5950d210f",
"ipv4-addr--59ba8751-f418-49bc-9946-41f5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8751-f418-49bc-9946-41f5950d210f",
"dst_ref": "ipv4-addr--59ba8751-f418-49bc-9946-41f5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8751-f418-49bc-9946-41f5950d210f",
"value": "144.76.167.70"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8751-333c-47ad-8415-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:41.000Z",
"modified": "2017-09-14T13:42:41.000Z",
"pattern": "[url:value = 'http://Grog.dk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8751-90e0-429b-affc-4a84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:41.000Z",
"modified": "2017-09-14T13:42:41.000Z",
"pattern": "[domain-name:value = 'grog.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8752-b674-4299-b4a7-4d53950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:42.000Z",
"modified": "2017-09-14T13:42:42.000Z",
"first_observed": "2017-09-14T13:42:42Z",
"last_observed": "2017-09-14T13:42:42Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8752-b674-4299-b4a7-4d53950d210f",
"ipv4-addr--59ba8752-b674-4299-b4a7-4d53950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8752-b674-4299-b4a7-4d53950d210f",
"dst_ref": "ipv4-addr--59ba8752-b674-4299-b4a7-4d53950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8752-b674-4299-b4a7-4d53950d210f",
"value": "46.30.213.109"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8752-07ec-4831-9b1c-4439950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:42.000Z",
"modified": "2017-09-14T13:42:42.000Z",
"pattern": "[url:value = 'http://grousespringsnursery.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8752-c15c-47b3-bc2b-425b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:42.000Z",
"modified": "2017-09-14T13:42:42.000Z",
"pattern": "[domain-name:value = 'grousespringsnursery.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8752-5d54-432a-a329-4c3f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:42.000Z",
"modified": "2017-09-14T13:42:42.000Z",
"pattern": "[url:value = 'http://handsworthfencingservices.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8753-14f4-4b17-bbb4-453a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:43.000Z",
"modified": "2017-09-14T13:42:43.000Z",
"pattern": "[domain-name:value = 'handsworthfencingservices.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8753-c86c-4621-9f8e-43cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:43.000Z",
"modified": "2017-09-14T13:42:43.000Z",
"first_observed": "2017-09-14T13:42:43Z",
"last_observed": "2017-09-14T13:42:43Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8753-c86c-4621-9f8e-43cc950d210f",
"ipv4-addr--59ba8753-c86c-4621-9f8e-43cc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8753-c86c-4621-9f8e-43cc950d210f",
"dst_ref": "ipv4-addr--59ba8753-c86c-4621-9f8e-43cc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8753-c86c-4621-9f8e-43cc950d210f",
"value": "46.30.213.86"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8753-73e8-4dce-91e8-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:43.000Z",
"modified": "2017-09-14T13:42:43.000Z",
"pattern": "[url:value = 'http://iksy.za.pl/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8753-5484-477c-83a1-49d7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:43.000Z",
"modified": "2017-09-14T13:42:43.000Z",
"pattern": "[domain-name:value = 'iksy.za.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8753-d4fc-467f-afec-4966950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:43.000Z",
"modified": "2017-09-14T13:42:43.000Z",
"first_observed": "2017-09-14T13:42:43Z",
"last_observed": "2017-09-14T13:42:43Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8753-d4fc-467f-afec-4966950d210f",
"ipv4-addr--59ba8753-d4fc-467f-afec-4966950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8753-d4fc-467f-afec-4966950d210f",
"dst_ref": "ipv4-addr--59ba8753-d4fc-467f-afec-4966950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8753-d4fc-467f-afec-4966950d210f",
"value": "193.203.99.111"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8754-8abc-4055-b601-47b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:44.000Z",
"modified": "2017-09-14T13:42:44.000Z",
"pattern": "[url:value = 'http://jsjp.nl/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8754-a6b4-46d7-890a-49f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:44.000Z",
"modified": "2017-09-14T13:42:44.000Z",
"pattern": "[domain-name:value = 'jsjp.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8754-561c-4175-ad13-488d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:44.000Z",
"modified": "2017-09-14T13:42:44.000Z",
"first_observed": "2017-09-14T13:42:44Z",
"last_observed": "2017-09-14T13:42:44Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8754-561c-4175-ad13-488d950d210f",
"ipv4-addr--59ba8754-561c-4175-ad13-488d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8754-561c-4175-ad13-488d950d210f",
"dst_ref": "ipv4-addr--59ba8754-561c-4175-ad13-488d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8754-561c-4175-ad13-488d950d210f",
"value": "109.71.51.58"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8754-8edc-4a1c-9082-44c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:44.000Z",
"modified": "2017-09-14T13:42:44.000Z",
"pattern": "[url:value = 'http://klinthult.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8754-b918-4bb6-9633-41cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:44.000Z",
"modified": "2017-09-14T13:42:44.000Z",
"pattern": "[domain-name:value = 'klinthult.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8755-a904-465b-9544-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:45.000Z",
"modified": "2017-09-14T13:42:45.000Z",
"first_observed": "2017-09-14T13:42:45Z",
"last_observed": "2017-09-14T13:42:45Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8755-a904-465b-9544-1527950d210f",
"ipv4-addr--59ba8755-a904-465b-9544-1527950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8755-a904-465b-9544-1527950d210f",
"dst_ref": "ipv4-addr--59ba8755-a904-465b-9544-1527950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8755-a904-465b-9544-1527950d210f",
"value": "195.5.163.201"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8755-8e74-4368-9eeb-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:45.000Z",
"modified": "2017-09-14T13:42:45.000Z",
"pattern": "[url:value = 'http://kookserviceopmaat.nl/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8755-9664-46cb-aef6-4b1b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:45.000Z",
"modified": "2017-09-14T13:42:45.000Z",
"pattern": "[domain-name:value = 'kookserviceopmaat.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8755-e494-4962-830c-47a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:45.000Z",
"modified": "2017-09-14T13:42:45.000Z",
"first_observed": "2017-09-14T13:42:45Z",
"last_observed": "2017-09-14T13:42:45Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8755-e494-4962-830c-47a9950d210f",
"ipv4-addr--59ba8755-e494-4962-830c-47a9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8755-e494-4962-830c-47a9950d210f",
"dst_ref": "ipv4-addr--59ba8755-e494-4962-830c-47a9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8755-e494-4962-830c-47a9950d210f",
"value": "46.30.213.200"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8756-9fb0-4a9a-9230-4d4e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:46.000Z",
"modified": "2017-09-14T13:42:46.000Z",
"pattern": "[url:value = 'http://logistics.nazwa.pl/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8756-e780-460a-b4be-484d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:46.000Z",
"modified": "2017-09-14T13:42:46.000Z",
"pattern": "[domain-name:value = 'logistics.nazwa.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8756-f4ac-44ef-b579-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:46.000Z",
"modified": "2017-09-14T13:42:46.000Z",
"first_observed": "2017-09-14T13:42:46Z",
"last_observed": "2017-09-14T13:42:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8756-f4ac-44ef-b579-151a950d210f",
"ipv4-addr--59ba8756-f4ac-44ef-b579-151a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8756-f4ac-44ef-b579-151a950d210f",
"dst_ref": "ipv4-addr--59ba8756-f4ac-44ef-b579-151a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8756-f4ac-44ef-b579-151a950d210f",
"value": "85.128.227.19"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8756-3fb8-444d-ba9c-42cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:46.000Z",
"modified": "2017-09-14T13:42:46.000Z",
"pattern": "[url:value = 'http://maitreandre.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8756-0b0c-41c4-9635-4cc1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:46.000Z",
"modified": "2017-09-14T13:42:46.000Z",
"pattern": "[domain-name:value = 'maitreandre.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8759-a334-4593-b4ec-4a98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:49.000Z",
"modified": "2017-09-14T13:42:49.000Z",
"first_observed": "2017-09-14T13:42:49Z",
"last_observed": "2017-09-14T13:42:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8759-a334-4593-b4ec-4a98950d210f",
"ipv4-addr--59ba8759-a334-4593-b4ec-4a98950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8759-a334-4593-b4ec-4a98950d210f",
"dst_ref": "ipv4-addr--59ba8759-a334-4593-b4ec-4a98950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8759-a334-4593-b4ec-4a98950d210f",
"value": "195.141.44.1"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8759-fac8-4898-8ee4-4c83950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:49.000Z",
"modified": "2017-09-14T13:42:49.000Z",
"pattern": "[url:value = 'http://matthess-online.de/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8759-2ba8-4e23-ae9c-403f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:49.000Z",
"modified": "2017-09-14T13:42:49.000Z",
"pattern": "[domain-name:value = 'matthess-online.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8759-2764-44ce-8faf-4657950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:49.000Z",
"modified": "2017-09-14T13:42:49.000Z",
"first_observed": "2017-09-14T13:42:49Z",
"last_observed": "2017-09-14T13:42:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8759-2764-44ce-8faf-4657950d210f",
"ipv4-addr--59ba8759-2764-44ce-8faf-4657950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8759-2764-44ce-8faf-4657950d210f",
"dst_ref": "ipv4-addr--59ba8759-2764-44ce-8faf-4657950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8759-2764-44ce-8faf-4657950d210f",
"value": "46.30.215.22"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875a-c758-41b3-b30c-42f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:50.000Z",
"modified": "2017-09-14T13:42:50.000Z",
"pattern": "[url:value = 'http://ministranten.bplaced.net/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875a-9e5c-4266-874e-4189950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:50.000Z",
"modified": "2017-09-14T13:42:50.000Z",
"pattern": "[domain-name:value = 'ministranten.bplaced.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:50.000Z",
"modified": "2017-09-14T13:42:50.000Z",
"first_observed": "2017-09-14T13:42:50Z",
"last_observed": "2017-09-14T13:42:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"ipv4-addr--59ba875a-52c0-46e8-8dfd-4f3a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"dst_ref": "ipv4-addr--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875a-52c0-46e8-8dfd-4f3a950d210f",
"value": "144.76.167.69"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875b-2374-469b-b37c-4960950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"pattern": "[url:value = 'http://muzyczny.hitowy.pl/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875b-0438-46cc-8a65-4284950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"pattern": "[domain-name:value = 'muzyczny.hitowy.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875b-d478-4688-a684-433a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"first_observed": "2017-09-14T13:42:51Z",
"last_observed": "2017-09-14T13:42:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875b-d478-4688-a684-433a950d210f",
"ipv4-addr--59ba875b-d478-4688-a684-433a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875b-d478-4688-a684-433a950d210f",
"dst_ref": "ipv4-addr--59ba875b-d478-4688-a684-433a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875b-d478-4688-a684-433a950d210f",
"value": "193.203.99.113"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875b-b0e4-4666-8cb4-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"pattern": "[url:value = 'http://norskskovkatte.dk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875b-ba3c-4d94-be59-40ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"pattern": "[domain-name:value = 'norskskovkatte.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875b-bda0-4e0f-8022-4250950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:51.000Z",
"modified": "2017-09-14T13:42:51.000Z",
"first_observed": "2017-09-14T13:42:51Z",
"last_observed": "2017-09-14T13:42:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875b-bda0-4e0f-8022-4250950d210f",
"ipv4-addr--59ba875b-bda0-4e0f-8022-4250950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875b-bda0-4e0f-8022-4250950d210f",
"dst_ref": "ipv4-addr--59ba875b-bda0-4e0f-8022-4250950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875b-bda0-4e0f-8022-4250950d210f",
"value": "46.30.213.192"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875c-eae0-4ae6-bed1-4092950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:52.000Z",
"modified": "2017-09-14T13:42:52.000Z",
"pattern": "[url:value = 'http://osgood.me.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875c-dae8-43c9-a93b-4a75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:52.000Z",
"modified": "2017-09-14T13:42:52.000Z",
"pattern": "[domain-name:value = 'osgood.me.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875c-4cf0-46fd-92d4-478c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:52.000Z",
"modified": "2017-09-14T13:42:52.000Z",
"first_observed": "2017-09-14T13:42:52Z",
"last_observed": "2017-09-14T13:42:52Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875c-4cf0-46fd-92d4-478c950d210f",
"ipv4-addr--59ba875c-4cf0-46fd-92d4-478c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875c-4cf0-46fd-92d4-478c950d210f",
"dst_ref": "ipv4-addr--59ba875c-4cf0-46fd-92d4-478c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875c-4cf0-46fd-92d4-478c950d210f",
"value": "194.0.252.231"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875c-d278-40eb-b992-4586950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:52.000Z",
"modified": "2017-09-14T13:42:52.000Z",
"pattern": "[url:value = 'http://pickwick-poppins.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875c-60e8-4e1c-99df-4961950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:52.000Z",
"modified": "2017-09-14T13:42:52.000Z",
"pattern": "[domain-name:value = 'pickwick-poppins.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875d-5530-4a6f-b96e-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:53.000Z",
"modified": "2017-09-14T13:42:53.000Z",
"first_observed": "2017-09-14T13:42:53Z",
"last_observed": "2017-09-14T13:42:53Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875d-5530-4a6f-b96e-1686950d210f",
"ipv4-addr--59ba875d-5530-4a6f-b96e-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875d-5530-4a6f-b96e-1686950d210f",
"dst_ref": "ipv4-addr--59ba875d-5530-4a6f-b96e-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875d-5530-4a6f-b96e-1686950d210f",
"value": "173.199.143.140"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875d-1d4c-4195-8033-4407950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:53.000Z",
"modified": "2017-09-14T13:42:53.000Z",
"pattern": "[url:value = 'http://pugfest.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875d-3514-41f2-bfc6-478d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:53.000Z",
"modified": "2017-09-14T13:42:53.000Z",
"pattern": "[domain-name:value = 'pugfest.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875e-20a4-4e27-83ac-4cba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:54.000Z",
"modified": "2017-09-14T13:42:54.000Z",
"first_observed": "2017-09-14T13:42:54Z",
"last_observed": "2017-09-14T13:42:54Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875e-20a4-4e27-83ac-4cba950d210f",
"ipv4-addr--59ba875e-20a4-4e27-83ac-4cba950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875e-20a4-4e27-83ac-4cba950d210f",
"dst_ref": "ipv4-addr--59ba875e-20a4-4e27-83ac-4cba950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875e-20a4-4e27-83ac-4cba950d210f",
"value": "213.165.88.141"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875e-4278-48aa-b6ac-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:54.000Z",
"modified": "2017-09-14T13:42:54.000Z",
"pattern": "[url:value = 'http://radianthues.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875e-e5a0-482e-9fd7-4a3d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:54.000Z",
"modified": "2017-09-14T13:42:54.000Z",
"pattern": "[domain-name:value = 'radianthues.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba875f-6c08-43a4-a54a-4478950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:55.000Z",
"modified": "2017-09-14T13:42:55.000Z",
"first_observed": "2017-09-14T13:42:55Z",
"last_observed": "2017-09-14T13:42:55Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba875f-6c08-43a4-a54a-4478950d210f",
"ipv4-addr--59ba875f-6c08-43a4-a54a-4478950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba875f-6c08-43a4-a54a-4478950d210f",
"dst_ref": "ipv4-addr--59ba875f-6c08-43a4-a54a-4478950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba875f-6c08-43a4-a54a-4478950d210f",
"value": "50.63.174.31"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875f-a814-48dc-89f7-4d69950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:55.000Z",
"modified": "2017-09-14T13:42:55.000Z",
"pattern": "[url:value = 'http://raku3.co.jp/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba875f-b7e4-48a1-9c63-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:55.000Z",
"modified": "2017-09-14T13:42:55.000Z",
"pattern": "[domain-name:value = 'raku3.co.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8760-30d4-42e6-8dde-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:56.000Z",
"modified": "2017-09-14T13:42:56.000Z",
"first_observed": "2017-09-14T13:42:56Z",
"last_observed": "2017-09-14T13:42:56Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8760-30d4-42e6-8dde-140f950d210f",
"ipv4-addr--59ba8760-30d4-42e6-8dde-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8760-30d4-42e6-8dde-140f950d210f",
"dst_ref": "ipv4-addr--59ba8760-30d4-42e6-8dde-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8760-30d4-42e6-8dde-140f950d210f",
"value": "202.218.252.19"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8760-1304-45ab-9106-44de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:56.000Z",
"modified": "2017-09-14T13:42:56.000Z",
"pattern": "[url:value = 'http://rapidanplumbing.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8760-77fc-4c8a-883e-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:56.000Z",
"modified": "2017-09-14T13:42:56.000Z",
"pattern": "[domain-name:value = 'rapidanplumbing.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8761-2a04-47a9-8ffc-4933950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:57.000Z",
"modified": "2017-09-14T13:42:57.000Z",
"first_observed": "2017-09-14T13:42:57Z",
"last_observed": "2017-09-14T13:42:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8761-2a04-47a9-8ffc-4933950d210f",
"ipv4-addr--59ba8761-2a04-47a9-8ffc-4933950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8761-2a04-47a9-8ffc-4933950d210f",
"dst_ref": "ipv4-addr--59ba8761-2a04-47a9-8ffc-4933950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8761-2a04-47a9-8ffc-4933950d210f",
"value": "69.168.79.26"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8761-daa4-456a-a44f-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:57.000Z",
"modified": "2017-09-14T13:42:57.000Z",
"pattern": "[url:value = 'http://rscc.dk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8761-6290-4590-be5f-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:57.000Z",
"modified": "2017-09-14T13:42:57.000Z",
"pattern": "[domain-name:value = 'rscc.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:58.000Z",
"modified": "2017-09-14T13:42:58.000Z",
"first_observed": "2017-09-14T13:42:58Z",
"last_observed": "2017-09-14T13:42:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"ipv4-addr--59ba8762-3b94-4809-b2d9-4fc8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"dst_ref": "ipv4-addr--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8762-3b94-4809-b2d9-4fc8950d210f",
"value": "46.30.213.191"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8762-c054-44be-a66b-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:58.000Z",
"modified": "2017-09-14T13:42:58.000Z",
"pattern": "[url:value = 'http://science-magnets.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8762-f25c-4fdd-afad-4d02950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:58.000Z",
"modified": "2017-09-14T13:42:58.000Z",
"pattern": "[domain-name:value = 'science-magnets.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8762-b044-4deb-b975-4f30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:58.000Z",
"modified": "2017-09-14T13:42:58.000Z",
"first_observed": "2017-09-14T13:42:58Z",
"last_observed": "2017-09-14T13:42:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8762-b044-4deb-b975-4f30950d210f",
"ipv4-addr--59ba8762-b044-4deb-b975-4f30950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8762-b044-4deb-b975-4f30950d210f",
"dst_ref": "ipv4-addr--59ba8762-b044-4deb-b975-4f30950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8762-b044-4deb-b975-4f30950d210f",
"value": "109.123.68.100"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8762-10c0-411e-a390-4d65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:58.000Z",
"modified": "2017-09-14T13:42:58.000Z",
"pattern": "[url:value = 'http://tanzcenter-graziosa.ch/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8763-5014-45ba-9123-4d7e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:59.000Z",
"modified": "2017-09-14T13:42:59.000Z",
"pattern": "[domain-name:value = 'tanzcenter-graziosa.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8763-fa20-4083-b634-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:59.000Z",
"modified": "2017-09-14T13:42:59.000Z",
"first_observed": "2017-09-14T13:42:59Z",
"last_observed": "2017-09-14T13:42:59Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8763-fa20-4083-b634-1686950d210f",
"ipv4-addr--59ba8763-fa20-4083-b634-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8763-fa20-4083-b634-1686950d210f",
"dst_ref": "ipv4-addr--59ba8763-fa20-4083-b634-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8763-fa20-4083-b634-1686950d210f",
"value": "185.117.169.71"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8763-e234-4813-b725-4ba2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:59.000Z",
"modified": "2017-09-14T13:42:59.000Z",
"pattern": "[url:value = 'http://tenconewengland.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8763-9d40-4dd8-bd8d-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:42:59.000Z",
"modified": "2017-09-14T13:42:59.000Z",
"pattern": "[domain-name:value = 'tenconewengland.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8764-55f4-42b0-9b32-4792950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:00.000Z",
"modified": "2017-09-14T13:43:00.000Z",
"first_observed": "2017-09-14T13:43:00Z",
"last_observed": "2017-09-14T13:43:00Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8764-55f4-42b0-9b32-4792950d210f",
"ipv4-addr--59ba8764-55f4-42b0-9b32-4792950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8764-55f4-42b0-9b32-4792950d210f",
"dst_ref": "ipv4-addr--59ba8764-55f4-42b0-9b32-4792950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8764-55f4-42b0-9b32-4792950d210f",
"value": "204.197.255.183"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8764-8a80-4ba4-be2d-413a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:00.000Z",
"modified": "2017-09-14T13:43:00.000Z",
"pattern": "[url:value = 'http://www.100kisses.org/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8764-b638-445d-a797-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:00.000Z",
"modified": "2017-09-14T13:43:00.000Z",
"pattern": "[domain-name:value = 'www.100kisses.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8765-7388-4b48-9215-403d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:01.000Z",
"modified": "2017-09-14T13:43:01.000Z",
"first_observed": "2017-09-14T13:43:01Z",
"last_observed": "2017-09-14T13:43:01Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8765-7388-4b48-9215-403d950d210f",
"ipv4-addr--59ba8765-7388-4b48-9215-403d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8765-7388-4b48-9215-403d950d210f",
"dst_ref": "ipv4-addr--59ba8765-7388-4b48-9215-403d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8765-7388-4b48-9215-403d950d210f",
"value": "192.126.92.143"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8765-1fb0-46fd-8ec1-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:01.000Z",
"modified": "2017-09-14T13:43:01.000Z",
"pattern": "[url:value = 'http://www.gtCartographic.co.uk/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8765-9b48-47e4-9207-4f31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:01.000Z",
"modified": "2017-09-14T13:43:01.000Z",
"pattern": "[domain-name:value = 'www.gtcartographic.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:01.000Z",
"modified": "2017-09-14T13:43:01.000Z",
"first_observed": "2017-09-14T13:43:01Z",
"last_observed": "2017-09-14T13:43:01Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"ipv4-addr--59ba8765-8b9c-4a8e-87c4-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"dst_ref": "ipv4-addr--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8765-8b9c-4a8e-87c4-140f950d210f",
"value": "82.145.60.140"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8765-871c-4d80-ad36-4f89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:01.000Z",
"modified": "2017-09-14T13:43:01.000Z",
"pattern": "[url:value = 'http://www.matthewsittel.com/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8766-fca0-4828-bb21-4e5f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:02.000Z",
"modified": "2017-09-14T13:43:02.000Z",
"pattern": "[domain-name:value = 'www.matthewsittel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8766-fcf0-43af-85d3-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:02.000Z",
"modified": "2017-09-14T13:43:02.000Z",
"first_observed": "2017-09-14T13:43:02Z",
"last_observed": "2017-09-14T13:43:02Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8766-fcf0-43af-85d3-151a950d210f",
"ipv4-addr--59ba8766-fcf0-43af-85d3-151a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8766-fcf0-43af-85d3-151a950d210f",
"dst_ref": "ipv4-addr--59ba8766-fcf0-43af-85d3-151a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8766-fcf0-43af-85d3-151a950d210f",
"value": "50.63.197.9"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8766-3054-4857-bca5-46a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:02.000Z",
"modified": "2017-09-14T13:43:02.000Z",
"pattern": "[url:value = 'http://www.pizzelli.eu/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8766-ed80-4a57-9009-419b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:02.000Z",
"modified": "2017-09-14T13:43:02.000Z",
"pattern": "[domain-name:value = 'www.pizzelli.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8767-e20c-4a13-b347-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:03.000Z",
"modified": "2017-09-14T13:43:03.000Z",
"first_observed": "2017-09-14T13:43:03Z",
"last_observed": "2017-09-14T13:43:03Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8767-e20c-4a13-b347-1686950d210f",
"ipv4-addr--59ba8767-e20c-4a13-b347-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8767-e20c-4a13-b347-1686950d210f",
"dst_ref": "ipv4-addr--59ba8767-e20c-4a13-b347-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8767-e20c-4a13-b347-1686950d210f",
"value": "62.149.140.180"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8767-8e1c-46c0-aa78-4473950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:03.000Z",
"modified": "2017-09-14T13:43:03.000Z",
"pattern": "[url:value = 'http://www.reitverein-kaufbeuren.de/voice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8767-0080-4a4c-9afb-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:03.000Z",
"modified": "2017-09-14T13:43:03.000Z",
"pattern": "[domain-name:value = 'www.reitverein-kaufbeuren.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8767-a610-4412-880e-45e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:03.000Z",
"modified": "2017-09-14T13:43:03.000Z",
"first_observed": "2017-09-14T13:43:03Z",
"last_observed": "2017-09-14T13:43:03Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8767-a610-4412-880e-45e4950d210f",
"ipv4-addr--59ba8767-a610-4412-880e-45e4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8767-a610-4412-880e-45e4950d210f",
"dst_ref": "ipv4-addr--59ba8767-a610-4412-880e-45e4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8767-a610-4412-880e-45e4950d210f",
"value": "81.169.145.162"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8767-738c-4da4-a5c3-47e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:03.000Z",
"modified": "2017-09-14T13:43:03.000Z",
"pattern": "[url:value = 'http://wittinhohemmo.net/invoice.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8768-8f24-465a-ae55-4f2e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:04.000Z",
"modified": "2017-09-14T13:43:04.000Z",
"pattern": "[domain-name:value = 'wittinhohemmo.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8769-beac-44ca-a2d4-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:05.000Z",
"modified": "2017-09-14T13:43:05.000Z",
"first_observed": "2017-09-14T13:43:05Z",
"last_observed": "2017-09-14T13:43:05Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8769-beac-44ca-a2d4-1686950d210f",
"ipv4-addr--59ba8769-beac-44ca-a2d4-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8769-beac-44ca-a2d4-1686950d210f",
"dst_ref": "ipv4-addr--59ba8769-beac-44ca-a2d4-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8769-beac-44ca-a2d4-1686950d210f",
"value": "47.89.254.1"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8769-b948-4d31-a7ca-4b13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:05.000Z",
"modified": "2017-09-14T13:43:05.000Z",
"pattern": "[url:value = 'http://hemrolunsparred.info/invoice.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8769-f958-4b26-b097-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:05.000Z",
"modified": "2017-09-14T13:43:05.000Z",
"pattern": "[domain-name:value = 'hemrolunsparred.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876b-bd50-404d-93a9-4f19950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:07.000Z",
"modified": "2017-09-14T13:43:07.000Z",
"pattern": "[url:value = 'http://recturf.com.au/ibnysoa.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876b-c408-4327-8b58-4645950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:07.000Z",
"modified": "2017-09-14T13:43:07.000Z",
"pattern": "[domain-name:value = 'recturf.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba876c-cb80-4e7a-b67f-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:08.000Z",
"modified": "2017-09-14T13:43:08.000Z",
"first_observed": "2017-09-14T13:43:08Z",
"last_observed": "2017-09-14T13:43:08Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba876c-cb80-4e7a-b67f-1686950d210f",
"ipv4-addr--59ba876c-cb80-4e7a-b67f-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba876c-cb80-4e7a-b67f-1686950d210f",
"dst_ref": "ipv4-addr--59ba876c-cb80-4e7a-b67f-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba876c-cb80-4e7a-b67f-1686950d210f",
"value": "103.236.163.40"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876c-2020-4ce1-a198-47b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:08.000Z",
"modified": "2017-09-14T13:43:08.000Z",
"pattern": "[url:value = 'http://wwwa.su/bkpudaf.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876c-5460-4199-bc4a-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:08.000Z",
"modified": "2017-09-14T13:43:08.000Z",
"pattern": "[domain-name:value = 'wwwa.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba876c-85c4-46b7-94fb-4bca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:08.000Z",
"modified": "2017-09-14T13:43:08.000Z",
"first_observed": "2017-09-14T13:43:08Z",
"last_observed": "2017-09-14T13:43:08Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba876c-85c4-46b7-94fb-4bca950d210f",
"ipv4-addr--59ba876c-85c4-46b7-94fb-4bca950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba876c-85c4-46b7-94fb-4bca950d210f",
"dst_ref": "ipv4-addr--59ba876c-85c4-46b7-94fb-4bca950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba876c-85c4-46b7-94fb-4bca950d210f",
"value": "89.253.236.149"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876c-84c4-4e7a-a406-4847950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:08.000Z",
"modified": "2017-09-14T13:43:08.000Z",
"pattern": "[url:value = 'http://109.108.145.100.srvlist.ukfast.net/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876d-fec4-4ec7-9424-4b32950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:09.000Z",
"modified": "2017-09-14T13:43:09.000Z",
"pattern": "[url:value = 'http://72.4f.354a.static.theplanet.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876d-ec64-4c14-b3b3-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:09.000Z",
"modified": "2017-09-14T13:43:09.000Z",
"pattern": "[url:value = 'http://alfixit.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876d-0d94-48a7-964b-4605950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:09.000Z",
"modified": "2017-09-14T13:43:09.000Z",
"pattern": "[url:value = 'http://altarweddingcars.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876e-0360-479d-acc2-4735950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:10.000Z",
"modified": "2017-09-14T13:43:10.000Z",
"pattern": "[url:value = 'http://ammann-it.ch/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876e-4998-484a-97e2-4096950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:10.000Z",
"modified": "2017-09-14T13:43:10.000Z",
"pattern": "[url:value = 'http://arvinmoti.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876f-71d4-4990-92a1-4fc4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:11.000Z",
"modified": "2017-09-14T13:43:11.000Z",
"pattern": "[url:value = 'http://balzantruck.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba876f-96c8-47b6-b319-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:11.000Z",
"modified": "2017-09-14T13:43:11.000Z",
"pattern": "[url:value = 'http://bigredsgeneralcontracting.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8770-e7dc-4735-9c60-4a5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:12.000Z",
"modified": "2017-09-14T13:43:12.000Z",
"pattern": "[url:value = 'http://brockmann-buecher.de/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8770-3228-4cf8-8362-410d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:12.000Z",
"modified": "2017-09-14T13:43:12.000Z",
"pattern": "[url:value = 'http://comtecav.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8770-a1f4-4017-825c-4d71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:12.000Z",
"modified": "2017-09-14T13:43:12.000Z",
"pattern": "[url:value = 'http://craigstrong.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8771-b1d4-4b94-be7d-4a42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:13.000Z",
"modified": "2017-09-14T13:43:13.000Z",
"pattern": "[url:value = 'http://danyaanderson.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8771-e888-4167-a6d0-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:13.000Z",
"modified": "2017-09-14T13:43:13.000Z",
"pattern": "[url:value = 'http://epse.pt/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8772-77a8-435d-b54c-435a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:14.000Z",
"modified": "2017-09-14T13:43:14.000Z",
"pattern": "[url:value = 'http://ernestoangiolini.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8772-3e30-4f4f-9214-4cff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:14.000Z",
"modified": "2017-09-14T13:43:14.000Z",
"pattern": "[url:value = 'http://ethersolutions.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8772-34cc-496e-9956-4a92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:14.000Z",
"modified": "2017-09-14T13:43:14.000Z",
"pattern": "[url:value = 'http://felipedemarco.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8773-83e0-4f8f-81a4-415b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:15.000Z",
"modified": "2017-09-14T13:43:15.000Z",
"pattern": "[url:value = 'http://foleycrosscenter.org/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8773-3374-4aac-9cf0-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:15.000Z",
"modified": "2017-09-14T13:43:15.000Z",
"pattern": "[url:value = 'http://formationdirecte.ca/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8773-4fe4-48f6-ae1d-4038950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:15.000Z",
"modified": "2017-09-14T13:43:15.000Z",
"pattern": "[url:value = 'http://france-vacance.dk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8774-4ecc-4fca-a448-4b18950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:16.000Z",
"modified": "2017-09-14T13:43:16.000Z",
"pattern": "[url:value = 'http://fredagskoret.dk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8774-e564-4a96-bc45-44a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:16.000Z",
"modified": "2017-09-14T13:43:16.000Z",
"pattern": "[url:value = 'http://gpointrecords.bplaced.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8775-26cc-444a-ac34-4d08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:17.000Z",
"modified": "2017-09-14T13:43:17.000Z",
"pattern": "[url:value = 'http://Grog.dk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8775-9a98-4fcf-a557-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:17.000Z",
"modified": "2017-09-14T13:43:17.000Z",
"pattern": "[url:value = 'http://grousespringsnursery.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8775-8f18-407a-b2f1-4b8a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:17.000Z",
"modified": "2017-09-14T13:43:17.000Z",
"pattern": "[url:value = 'http://handsworthfencingservices.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8776-8bb8-4dfd-b886-44dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:18.000Z",
"modified": "2017-09-14T13:43:18.000Z",
"pattern": "[url:value = 'http://iksy.za.pl/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8776-2268-43dc-b390-4a36950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:18.000Z",
"modified": "2017-09-14T13:43:18.000Z",
"pattern": "[url:value = 'http://jsjp.nl/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8776-43e8-409c-8be7-4a48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:18.000Z",
"modified": "2017-09-14T13:43:18.000Z",
"pattern": "[url:value = 'http://klinthult.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8777-9f68-4241-9193-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:19.000Z",
"modified": "2017-09-14T13:43:19.000Z",
"pattern": "[url:value = 'http://kookserviceopmaat.nl/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8777-5ff8-420d-9066-4973950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:19.000Z",
"modified": "2017-09-14T13:43:19.000Z",
"pattern": "[url:value = 'http://logistics.nazwa.pl/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8778-a78c-49f9-b26b-48c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:20.000Z",
"modified": "2017-09-14T13:43:20.000Z",
"pattern": "[url:value = 'http://maitreandre.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8778-8b1c-4189-86f0-417c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:20.000Z",
"modified": "2017-09-14T13:43:20.000Z",
"pattern": "[url:value = 'http://matthess-online.de/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8778-e3ec-40d1-87ca-4581950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:20.000Z",
"modified": "2017-09-14T13:43:20.000Z",
"pattern": "[url:value = 'http://ministranten.bplaced.net/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8779-1594-45e2-ad53-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:21.000Z",
"modified": "2017-09-14T13:43:21.000Z",
"pattern": "[url:value = 'http://muzyczny.hitowy.pl/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8779-c7b4-45b4-a987-4665950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:21.000Z",
"modified": "2017-09-14T13:43:21.000Z",
"pattern": "[url:value = 'http://norskskovkatte.dk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8779-9470-4de0-b774-4ac1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:21.000Z",
"modified": "2017-09-14T13:43:21.000Z",
"pattern": "[url:value = 'http://osgood.me.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877a-42e4-438d-aa55-4e12950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:22.000Z",
"modified": "2017-09-14T13:43:22.000Z",
"pattern": "[url:value = 'http://pickwick-poppins.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877a-09e8-4156-8437-4222950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:22.000Z",
"modified": "2017-09-14T13:43:22.000Z",
"pattern": "[url:value = 'http://pugfest.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877b-dd50-476f-8385-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:23.000Z",
"modified": "2017-09-14T13:43:23.000Z",
"pattern": "[url:value = 'http://radianthues.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877b-e674-4c1c-9ce1-405b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:23.000Z",
"modified": "2017-09-14T13:43:23.000Z",
"pattern": "[url:value = 'http://raku3.co.jp/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877b-8ae0-44ce-beee-4d90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:23.000Z",
"modified": "2017-09-14T13:43:23.000Z",
"pattern": "[url:value = 'http://rapidanplumbing.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877c-42e4-43a0-8d8d-4515950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:24.000Z",
"modified": "2017-09-14T13:43:24.000Z",
"pattern": "[url:value = 'http://rscc.dk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877c-9ad8-4739-885b-483e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:24.000Z",
"modified": "2017-09-14T13:43:24.000Z",
"pattern": "[url:value = 'http://science-magnets.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877d-fa34-409c-8bd8-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:25.000Z",
"modified": "2017-09-14T13:43:25.000Z",
"pattern": "[url:value = 'http://snes38.uvadi.cz/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877d-f940-4aa7-8045-40aa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:25.000Z",
"modified": "2017-09-14T13:43:25.000Z",
"pattern": "[domain-name:value = 'snes38.uvadi.cz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba877d-83fc-4d78-acd8-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:25.000Z",
"modified": "2017-09-14T13:43:25.000Z",
"first_observed": "2017-09-14T13:43:25Z",
"last_observed": "2017-09-14T13:43:25Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba877d-83fc-4d78-acd8-140f950d210f",
"ipv4-addr--59ba877d-83fc-4d78-acd8-140f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba877d-83fc-4d78-acd8-140f950d210f",
"dst_ref": "ipv4-addr--59ba877d-83fc-4d78-acd8-140f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba877d-83fc-4d78-acd8-140f950d210f",
"value": "77.93.211.244"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877d-fdfc-412e-b424-4ba6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:25.000Z",
"modified": "2017-09-14T13:43:25.000Z",
"pattern": "[url:value = 'http://tanzcenter-graziosa.ch/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877d-6180-4f2e-9cd9-4394950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:25.000Z",
"modified": "2017-09-14T13:43:25.000Z",
"pattern": "[url:value = 'http://tenconewengland.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877e-d948-4e38-967e-44f7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:26.000Z",
"modified": "2017-09-14T13:43:26.000Z",
"pattern": "[url:value = 'http://www.100kisses.org/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877e-8ed4-4715-8ba3-4840950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:26.000Z",
"modified": "2017-09-14T13:43:26.000Z",
"pattern": "[url:value = 'http://www.gtCartographic.co.uk/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877f-b01c-486c-935e-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:27.000Z",
"modified": "2017-09-14T13:43:27.000Z",
"pattern": "[url:value = 'http://www.matthewsittel.com/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877f-a93c-4352-827e-491d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:27.000Z",
"modified": "2017-09-14T13:43:27.000Z",
"pattern": "[url:value = 'http://www.pizzelli.eu/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba877f-3a1c-4b6d-8808-4ed8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:27.000Z",
"modified": "2017-09-14T13:43:27.000Z",
"pattern": "[url:value = 'http://www.reitverein-kaufbeuren.de/invoice.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8780-5944-4e02-b5a3-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:28.000Z",
"modified": "2017-09-14T13:43:28.000Z",
"first_observed": "2017-09-14T13:43:28Z",
"last_observed": "2017-09-14T13:43:28Z",
"number_observed": 1,
"object_refs": [
"url--59ba8780-5944-4e02-b5a3-1527950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59ba8780-5944-4e02-b5a3-1527950d210f",
"value": "http://91.203.5.162/imageload.cgi"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8780-9468-4a7a-8733-4e87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:28.000Z",
"modified": "2017-09-14T13:43:28.000Z",
"first_observed": "2017-09-14T13:43:28Z",
"last_observed": "2017-09-14T13:43:28Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8780-9468-4a7a-8733-4e87950d210f",
"ipv4-addr--59ba8780-9468-4a7a-8733-4e87950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8780-9468-4a7a-8733-4e87950d210f",
"dst_ref": "ipv4-addr--59ba8780-9468-4a7a-8733-4e87950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8780-9468-4a7a-8733-4e87950d210f",
"value": "91.203.5.162"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8781-a104-4d3e-b936-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:29.000Z",
"modified": "2017-09-14T13:43:29.000Z",
"first_observed": "2017-09-14T13:43:29Z",
"last_observed": "2017-09-14T13:43:29Z",
"number_observed": 1,
"object_refs": [
"url--59ba8781-a104-4d3e-b936-140f950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59ba8781-a104-4d3e-b936-140f950d210f",
"value": "http://149.154.68.190/imageload.cgi"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8781-9f40-4f23-b785-4413950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:29.000Z",
"modified": "2017-09-14T13:43:29.000Z",
"first_observed": "2017-09-14T13:43:29Z",
"last_observed": "2017-09-14T13:43:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8781-9f40-4f23-b785-4413950d210f",
"ipv4-addr--59ba8781-9f40-4f23-b785-4413950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8781-9f40-4f23-b785-4413950d210f",
"dst_ref": "ipv4-addr--59ba8781-9f40-4f23-b785-4413950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8781-9f40-4f23-b785-4413950d210f",
"value": "149.154.68.190"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8781-8418-4ec7-b737-42c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:29.000Z",
"modified": "2017-09-14T13:43:29.000Z",
"pattern": "[url:value = 'http://iosselkdmno.ru/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8781-d2f4-4ce2-9020-4857950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:29.000Z",
"modified": "2017-09-14T13:43:29.000Z",
"pattern": "[domain-name:value = 'iosselkdmno.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8782-a224-4717-b7d7-4a40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:30.000Z",
"modified": "2017-09-14T13:43:30.000Z",
"pattern": "[url:value = 'http://fxnpypfwrwubj.work/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8782-809c-4ade-8f25-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:30.000Z",
"modified": "2017-09-14T13:43:30.000Z",
"pattern": "[domain-name:value = 'fxnpypfwrwubj.work']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8782-d024-4fa4-b48e-4479950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:30.000Z",
"modified": "2017-09-14T13:43:30.000Z",
"pattern": "[url:value = 'http://oiurcvsogfcrf.pl/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8782-f488-4be9-b71c-4c4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:30.000Z",
"modified": "2017-09-14T13:43:30.000Z",
"pattern": "[domain-name:value = 'oiurcvsogfcrf.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8782-e6b4-46c5-a4d3-4dd6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:30.000Z",
"modified": "2017-09-14T13:43:30.000Z",
"pattern": "[url:value = 'http://xgivrlkiel.pl/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8783-4e98-4f3f-aab3-4d20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:31.000Z",
"modified": "2017-09-14T13:43:31.000Z",
"pattern": "[domain-name:value = 'xgivrlkiel.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8783-5518-42ac-bbae-450b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:31.000Z",
"modified": "2017-09-14T13:43:31.000Z",
"pattern": "[url:value = 'http://niukdrfaxmdmgjqhb.org/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8783-fe8c-45a8-995d-4a65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:31.000Z",
"modified": "2017-09-14T13:43:31.000Z",
"pattern": "[domain-name:value = 'niukdrfaxmdmgjqhb.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ba8783-6760-4800-aa48-1686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:31.000Z",
"modified": "2017-09-14T13:43:31.000Z",
"first_observed": "2017-09-14T13:43:31Z",
"last_observed": "2017-09-14T13:43:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ba8783-6760-4800-aa48-1686950d210f",
"ipv4-addr--59ba8783-6760-4800-aa48-1686950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ba8783-6760-4800-aa48-1686950d210f",
"dst_ref": "ipv4-addr--59ba8783-6760-4800-aa48-1686950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ba8783-6760-4800-aa48-1686950d210f",
"value": "195.22.26.248"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8783-fd9c-4073-9b02-1527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:31.000Z",
"modified": "2017-09-14T13:43:31.000Z",
"pattern": "[url:value = 'http://pgcgngaowatypg.work/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8784-19f0-4a0d-bc83-4da0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:32.000Z",
"modified": "2017-09-14T13:43:32.000Z",
"pattern": "[domain-name:value = 'pgcgngaowatypg.work']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8784-62d4-4273-b5b2-140f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:32.000Z",
"modified": "2017-09-14T13:43:32.000Z",
"pattern": "[url:value = 'http://gyoiopgwhcukjnw.ru/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8784-9724-4e52-9994-4209950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:32.000Z",
"modified": "2017-09-14T13:43:32.000Z",
"pattern": "[domain-name:value = 'gyoiopgwhcukjnw.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8784-2be0-418e-86d2-452b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:32.000Z",
"modified": "2017-09-14T13:43:32.000Z",
"pattern": "[url:value = 'http://tasiyxcmajhuyskwn.org/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8785-c858-41b1-bcc8-4e14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:33.000Z",
"modified": "2017-09-14T13:43:33.000Z",
"pattern": "[domain-name:value = 'tasiyxcmajhuyskwn.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8785-c390-4655-b1ab-4eb4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:33.000Z",
"modified": "2017-09-14T13:43:33.000Z",
"pattern": "[url:value = 'http://pytbxgucbfdbngqu.org/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8785-9930-4bfd-910e-151a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:33.000Z",
"modified": "2017-09-14T13:43:33.000Z",
"pattern": "[domain-name:value = 'pytbxgucbfdbngqu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8786-8f94-4e3d-9fad-420f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:34.000Z",
"modified": "2017-09-14T13:43:34.000Z",
"pattern": "[url:value = 'http://thokbqetlqhjjnxcv.work/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8786-37d8-4da6-ab69-49ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:34.000Z",
"modified": "2017-09-14T13:43:34.000Z",
"pattern": "[domain-name:value = 'thokbqetlqhjjnxcv.work']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8787-d56c-42b4-930a-451f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:35.000Z",
"modified": "2017-09-14T13:43:35.000Z",
"pattern": "[url:value = 'http://naoeeuusbsri.pl/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8787-e794-42df-8afd-43c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:35.000Z",
"modified": "2017-09-14T13:43:35.000Z",
"pattern": "[domain-name:value = 'naoeeuusbsri.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8787-1484-4994-a5b7-46ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:35.000Z",
"modified": "2017-09-14T13:43:35.000Z",
"pattern": "[url:value = 'http://nyprxdu.pl/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ba8787-aaa4-42da-bec0-45f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-14T13:43:35.000Z",
"modified": "2017-09-14T13:43:35.000Z",
"pattern": "[domain-name:value = 'nyprxdu.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-14T13:43:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink