adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5b72bf0a-a300-4b09-9755-a4b00acd0835.json

2503 lines
108 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5b72bf0a-a300-4b09-9755-a4b00acd0835",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2019-09-23T13:47:04.000Z",
"modified": "2019-09-23T13:47:04.000Z",
"name": "Synovus Financial",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5b72bf0a-a300-4b09-9755-a4b00acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2019-09-23T13:47:04.000Z",
"modified": "2019-09-23T13:47:04.000Z",
"name": "[TIA-REPO Consumption] KeyPass ransomware",
"published": "2019-10-10T22:38:58Z",
"object_refs": [
"indicator--5b72bf0a-98b4-459e-9b64-a4b00acd0835",
"indicator--5b72bf0a-dfd0-472f-90dd-a4b00acd0835",
"indicator--5b72bf0a-c368-4a8c-9acf-a4b00acd0835",
"observed-data--5b72bfa8-958c-44f7-a94d-93c60acd0835",
"url--5b72bfa8-958c-44f7-a94d-93c60acd0835",
"indicator--5b72c64d-a1e4-4d38-acd0-a4bd0acd0835",
"indicator--5b72c64d-56a0-4109-9cd9-a4bd0acd0835",
"indicator--5b72c64d-aecc-44ba-b907-a4bd0acd0835",
"indicator--5b72c64d-37cc-48d8-b329-a4bd0acd0835",
"indicator--5b72c64d-af14-4c7e-8f59-a4bd0acd0835",
"indicator--5b72c64d-2d24-4dc4-b14b-a4bd0acd0835",
"indicator--5b72c64d-0764-447b-9199-a4bd0acd0835",
"indicator--5b72c64d-547c-40f4-8bd6-a4bd0acd0835",
"indicator--5b72c64d-2190-444d-8654-a4bd0acd0835",
"indicator--5b72c64d-ae38-421a-84d5-a4bd0acd0835",
"indicator--5b72c64d-e514-4004-8d37-a4bd0acd0835",
"indicator--5b72c64d-8ec8-4034-8d6e-a4bd0acd0835",
"indicator--5b72c64d-fb8c-42c8-bed5-a4bd0acd0835",
"indicator--5b72c64d-33f0-422d-92b5-a4bd0acd0835",
"indicator--5b72c64d-6188-4d4b-9baf-a4bd0acd0835",
"indicator--5b72c64d-21dc-41e6-aa44-a4bd0acd0835",
"indicator--5b72c64d-0dcc-4b58-9ad4-a4bd0acd0835",
"indicator--5b72c64d-46a8-4140-9d22-a4bd0acd0835",
"indicator--5b72c64d-97d8-4829-9c2e-a4bd0acd0835",
"indicator--5b72c64d-07c0-4e28-b480-a4bd0acd0835",
"indicator--5b72c64d-d57c-4653-80dd-a4bd0acd0835",
"indicator--5b72c64d-ae64-4c0c-a7fe-a4bd0acd0835",
"indicator--5b72c64d-527c-4c41-9e77-a4bd0acd0835",
"indicator--5b72c64d-33d0-48e0-ab3f-a4bd0acd0835",
"indicator--5b72c64d-30b0-47e3-ad53-a4bd0acd0835",
"indicator--5b72c64d-206c-4ecc-b785-a4bd0acd0835",
"indicator--5b72c64d-69b8-4eda-91bf-a4bd0acd0835",
"indicator--5b72c64d-7fe0-4fe8-a95e-a4bd0acd0835",
"indicator--5b72c64d-9454-4497-b870-a4bd0acd0835",
"indicator--5b72c64d-8df0-42e6-a5cc-a4bd0acd0835",
"indicator--5b72c64d-85d8-4ba5-a1ea-a4bd0acd0835",
"indicator--5b72c64d-eb28-4d67-8431-a4bd0acd0835",
"indicator--5b72c64d-3300-47a8-a7a1-a4bd0acd0835",
"indicator--5b72c64d-a364-490d-bfc8-a4bd0acd0835",
"indicator--5b72c64d-11fc-4c26-8046-a4bd0acd0835",
"indicator--5b72c64d-70cc-4124-87d9-a4bd0acd0835",
"indicator--5b72c64d-d740-4370-b8fd-a4bd0acd0835",
"indicator--5b72c64d-c7d0-4bf6-bb75-a4bd0acd0835",
"indicator--5b72c64e-5fcc-4104-8df9-a4bd0acd0835",
"indicator--5b72c64e-c5d4-4802-bcb1-a4bd0acd0835",
"indicator--5b72c64e-bb50-41ec-a8c8-a4bd0acd0835",
"indicator--5b72c64e-bbfc-48d0-9578-a4bd0acd0835",
"indicator--5b72c64e-f2ec-46d8-bfd0-a4bd0acd0835",
"indicator--5b72c64e-a4b0-40c1-9c74-a4bd0acd0835",
"indicator--5b72c64e-6ab4-4c9a-96ee-a4bd0acd0835",
"indicator--5b72c64e-2854-45c8-9f26-a4bd0acd0835",
"indicator--5b72c64e-b35c-4a9c-8005-a4bd0acd0835",
"indicator--5b72c64e-1070-4d93-a1d3-a4bd0acd0835",
"indicator--5b72c64e-80b8-46f6-a84c-a4bd0acd0835",
"indicator--5b72c64e-611c-408f-b684-a4bd0acd0835",
"indicator--5b72c64e-aa70-4b8c-8fae-a4bd0acd0835",
"indicator--5b72c64e-c198-4c23-bc53-a4bd0acd0835",
"indicator--5b72c64e-c13c-4dfd-8922-a4bd0acd0835",
"indicator--5b72c64e-7c18-438f-8806-a4bd0acd0835",
"indicator--5b72c64e-a820-4e5b-b873-a4bd0acd0835",
"indicator--5b72c64e-f818-4544-bb2c-a4bd0acd0835",
"indicator--5b72c64e-8798-4a5a-8985-a4bd0acd0835",
"indicator--5b72c64e-e880-4df2-a2fa-a4bd0acd0835",
"indicator--5b72c64e-0ffc-4f07-bc84-a4bd0acd0835",
"indicator--5b72c64e-2f7c-4d22-a086-a4bd0acd0835",
"indicator--5b72c64e-2a8c-41b9-b378-a4bd0acd0835",
"indicator--5b72c64e-4150-4c54-883e-a4bd0acd0835",
"indicator--5b72c64e-8eb0-48d4-a76c-a4bd0acd0835",
"indicator--5b72c64e-3cf0-4e8a-bd90-a4bd0acd0835",
"indicator--5b72c64e-c910-4850-b7c7-a4bd0acd0835",
"indicator--5b72c64e-0e18-410c-b608-a4bd0acd0835",
"indicator--5b72c64e-2f54-420a-bd34-a4bd0acd0835",
"indicator--5b72c64e-be54-4327-bc13-a4bd0acd0835",
"indicator--5b72c64e-72f8-4851-bcd4-a4bd0acd0835",
"indicator--5b72c64e-35ec-4b4a-91f1-a4bd0acd0835",
"indicator--5b72c64e-6578-4068-b024-a4bd0acd0835",
"indicator--5b72c64e-4e90-4dc0-a3ac-a4bd0acd0835",
"indicator--5b72c64e-6d98-42ba-b116-a4bd0acd0835",
"indicator--5b72c64e-5280-4b90-ba1c-a4bd0acd0835",
"indicator--5b72c64e-c4bc-4046-805c-a4bd0acd0835",
"indicator--5b72c64e-ef34-4bed-a532-a4bd0acd0835",
"indicator--5b72c64e-35fc-41f1-a68c-a4bd0acd0835",
"indicator--5b72c64e-fe6c-4914-9556-a4bd0acd0835",
"indicator--5b72c64e-4a60-4e49-94df-a4bd0acd0835",
"indicator--5b72c64e-a1bc-47ff-a274-a4bd0acd0835",
"indicator--5b72c64e-7348-4cd9-8d09-a4bd0acd0835",
"indicator--5b72c64e-6c6c-484c-b77b-a4bd0acd0835",
"indicator--5b72c64e-aab4-478c-ac03-a4bd0acd0835",
"indicator--5b72c64e-7d6c-4a57-9c44-a4bd0acd0835",
"indicator--5b72c64e-90ac-4115-8962-a4bd0acd0835",
"indicator--5b72c64e-a6b4-4f8d-ae91-a4bd0acd0835",
"indicator--5b72c64e-8624-4d79-b426-a4bd0acd0835",
"indicator--5b72c64e-d1d0-4c6b-b3cf-a4bd0acd0835",
"indicator--5b72c64e-27e4-4955-a051-a4bd0acd0835",
"indicator--5b72c64e-d984-44bd-82ef-a4bd0acd0835",
"indicator--5b72c64e-5300-4ebf-884a-a4bd0acd0835",
"indicator--5b72c64e-4764-4f55-9aa1-a4bd0acd0835",
"indicator--5b72c64e-830c-4842-ba5d-a4bd0acd0835",
"indicator--5b72c64e-9654-4df0-91eb-a4bd0acd0835"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"malware_classification:malware-category=\"Ransomware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72bf0a-98b4-459e-9b64-a4b00acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:03.000Z",
"modified": "2018-08-14T12:11:03.000Z",
"pattern": "[domain-name:value = 'cosonar.mcdir.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72bf0a-dfd0-472f-90dd-a4b00acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:03.000Z",
"modified": "2018-08-14T12:11:03.000Z",
"pattern": "[file:hashes.MD5 = '901d893f665c6f9741aa940e5f275952']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72bf0a-c368-4a8c-9acf-a4b00acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:03.000Z",
"modified": "2018-08-14T12:11:03.000Z",
"pattern": "[url:value = 'http://cosonar.mcdir.ru/get.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5b72bfa8-958c-44f7-a94d-93c60acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"first_observed": "2018-08-14T12:11:13Z",
"last_observed": "2018-08-14T12:11:13Z",
"number_observed": 1,
"object_refs": [
"url--5b72bfa8-958c-44f7-a94d-93c60acd0835"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5b72bfa8-958c-44f7-a94d-93c60acd0835",
"value": "https://securelist.com/keypass-ransomware/87412/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-a1e4-4d38-acd0-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://rihs2.herocraft.com/hs.php?act=hostlist']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-56a0-4109-9cd9-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=265729&funid=4451']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-aecc-44ba-b907-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://mt20.lbs8.com/navidog2Theme/clientSort.htm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-37cc-48d8-b329-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=374566&funid=4451']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-af14-4c7e-8f59-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=270779&funid=4451']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-2d24-4dc4-b14b-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=371132&funid=4451']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-0764-447b-9199-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=300180&funid=4451']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-547c-40f4-8bd6-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://androidpay-users-pa.googleapis.com/cm/t/security/getnonce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-2190-444d-8654-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://androidpay-users-pa.googleapis.com/cm/t/security/checkin']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-ae38-421a-84d5-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.chinahaobao.com/new/shunyeqiao.php?8srf1/e94km.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-e514-4004-8d37-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'https://www.vamosemagrecer.com.br/como-perder-barriga/exercicios/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-8ec8-4034-8d6e-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.59pic.com/youwuCol/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-fb8c-42c8-bed5-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://59pic.com/youwuCol/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-33f0-422d-92b5-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?6ytp/bas47r.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-6188-4d4b-9baf-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?chzf/t0buxv.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-21dc-41e6-aa44-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?n36t/azkem8.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-0dcc-4b58-9ad4-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://carestar.cc/song.php?8ap9p/gg6mt1.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-46a8-4140-9d22-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://86.gtuu.com/mixinhuai.php?8afc\\\\%2fyxl0ka.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-97d8-4829-9c2e-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php?ygyi/yiaoad.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-07c0-4e28-b480-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/digg/qiaofan.php?15rg/dnvmbw.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-d57c-4653-80dd-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-ae64-4c0c-a7fe-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php/?ygyi\\\\%2Fyiaoad.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-527c-4c41-9e77-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?oetb14pm/hfsfnqd.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-33d0-48e0-ab3f-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?hz0hzhfa/h2vck1q.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-30b0-47e3-ad53-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://xtw.bhbhxy.com/shuofenzhun.php?rdfkns3y/rws9ygl.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-206c-4ecc-b785-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?mw2e/3clzsi.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-69b8-4eda-91bf-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?hz2r/9stpnz.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-7fe0-4fe8-a95e-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?wiqm/ljipk2.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-9454-4497-b870-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?gmwwbwa0/wgify4e.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-8df0-42e6-a5cc-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?zwcclidd/o1zsc0w.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-85d8-4ba5-a1ea-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?gmux5mih/oflsrjm.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-eb28-4d67-8431-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/digg/kangrongzhong.php?mxxq/x5zhqz.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-3300-47a8-a7a1-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/pay/leqiantun.php?261125/qianya.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-a364-490d-bfc8-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?ohkxgrhp/mr5ughg.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-11fc-4c26-8046-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/kor/wennan.php?ft1zg3mu/7shb1ut.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-70cc-4124-87d9-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/flash/pingpingci.php?7up9/yi9kbl.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-d740-4370-b8fd-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/js/binshajiao.php?touyong41/wengtui.html?93157/index.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64d-c7d0-4bf6-bb75-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?rjucfcno/dfktc8f.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-5fcc-4104-8df9-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?9fccevgz/6fp0cs0.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-c5d4-4802-bcb1-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.damuchang.com/plus/kuxun.php?8zlc/kellsp.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-bb50-41ec-a8c8-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.damuchang.com/plus/kuxun.php?ypxygsks/ojh0og0.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-bbfc-48d0-9578-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/sidizai.php?mmgsy0k8/edgywsm.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-f2ec-46d8-bfd0-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/yuguyong.php?k6l8vhgk/slejqyc.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-a4b0-40c1-9c74-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:17.000Z",
"modified": "2018-08-14T12:11:17.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?h0ir5s5i/iw7kdfi.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-6ab4-4c9a-96ee-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?3n4ja9op/pj1ahew.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-2854-45c8-9f26-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/yonglan.php?c9qnv500/hoxfkae.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-b35c-4a9c-8005-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?8elxaume/6t7qol8.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-1070-4d93-a1d3-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/dun.php?g581/0lmnoq.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-80b8-46f6-a84c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/lieyunhui.php?0v1i/4wfjsg.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-611c-408f-b684-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/shanzhan.php?je48neca/yfbawd0.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-aa70-4b8c-8fae-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/yuguyong.php?aizurns8/6cntwvy.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-c198-4c23-bc53-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/shanzhan.php?f7xijdpo/it5adaj.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-c13c-4dfd-8922-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?ai4cy0zf/txfbccn.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-7c18-438f-8806-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?l4dlbjti/5hplmxv.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-a820-4e5b-b873-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/dun.php?xs6d/dmy0xb.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-f818-4544-bb2c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?qcggyonz/exl9nsq.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-8798-4a5a-8985-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?7aonwar8/u0uzm9l.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-e880-4df2-a2fa-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?vn1w/ylgkiu.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-0ffc-4f07-bc84-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?qom3gn65/n9go3cb.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-2f7c-4d22-a086-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/dun.php?ywzs/haj65t.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-2a8c-41b9-b378-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?0ih4/sezvsm.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-4150-4c54-883e-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?d7pg/iftsss.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-8eb0-48d4-a76c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?9jgw/alp3yg.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-3cf0-4e8a-bd90-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?a0db/0adjzh.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-c910-4850-b7c7-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/yj/keqihe.php?niw3/xhjxu5.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-0e18-410c-b608-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?bmmq/x4hkmo.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-2f54-420a-bd34-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?cjey/ppshko.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-be54-4327-bc13-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:13.000Z",
"modified": "2018-08-14T12:11:13.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?veam/1lgvr4.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-72f8-4851-bcd4-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?sxkotuzn/ebsqxjv.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-35ec-4b4a-91f1-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?hqyb7e7k/i1vqegx.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-6578-4068-b024-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?sxiyvjmw/ryi9to4.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-4e90-4dc0-a3ac-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?s5wvcdp1/txkn4oq.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-6d98-42ba-b116-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/member/baikongtao.php?tohiauwi/gir56wi.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-5280-4b90-ba1c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?ztu0/ddyhkj.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-c4bc-4046-805c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:16.000Z",
"modified": "2018-08-14T12:11:16.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?rksb/naecy2.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-ef34-4bed-a532-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/sidizai.php?fbma/385vub.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-35fc-41f1-a68c-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?bdh3siju/f54z2ij.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-fe6c-4914-9556-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/yuguyong.php?37c2zx4x/vnvovcg.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-4a60-4e49-94df-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/sidizai.php?oh2qzhdc/wjwbklx.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-a1bc-47ff-a274-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?gfyd/uyaumf.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-7348-4cd9-8d09-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/shanzhan.php?csie/8ovbfx.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-6c6c-484c-b77b-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?mwoq/qxqyrl.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-aab4-478c-ac03-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?g5ogulyd/lzaxfmk.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-7d6c-4a57-9c44-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:14.000Z",
"modified": "2018-08-14T12:11:14.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.cncszs.com/neican/anjiao.php?ysyn/hynh6k.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-90ac-4115-8962-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.nbysxx.com/zhanbuzi.php?ldpj\\\\%2Fojyi70.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-a6b4-4f8d-ae91-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.tbgjdj.com/plus/zhixiong.php?hukf\\\\%2Fq9pgmv.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-8624-4d79-b426-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.nbysxx.com/zhanbuzi.php?e8rqnks5\\\\%2Fnajaqcy.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-d1d0-4c6b-b3cf-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.wzwmw.com/tbzfb/yalianglai.php?pzxh\\\\%2Foowmfb.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-27e4-4955-a051-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.dmgpark.com/kor/wennan.php?zjls\\\\%2Fucvtnc.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-d984-44bd-82ef-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?3vef\\\\%2Fuwmcir.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-5300-4ebf-884a-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?lmsw0nhe\\\\%2Ft7bcglj.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-4764-4f55-9aa1-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.zctaozhi.com/jobfair/juyuao.php?oxvofwop\\\\%2Fq8hyzg5.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-830c-4842-ba5d-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:15.000Z",
"modified": "2018-08-14T12:11:15.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.zctaozhi.com/jobfair/juyuao.php?yg4f\\\\%2Fefibbh.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b72c64e-9654-4df0-91eb-a4bd0acd0835",
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
"created": "2018-08-14T12:11:18.000Z",
"modified": "2018-08-14T12:11:18.000Z",
"description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT",
"pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?y3nd\\\\%2Fgbmjzt.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-08-14T12:11:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink