{ "type": "bundle", "id": "bundle--5614b358-9c54-4b33-96f6-742d950d210b", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T06:00:33.000Z", "modified": "2015-10-07T06:00:33.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5614b358-9c54-4b33-96f6-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T06:00:33.000Z", "modified": "2015-10-07T06:00:33.000Z", "name": "OSINT A Fast and Furious Drive-By: Uncovering PTDark Attack Sites by Fortinet", "published": "2015-10-07T06:01:42Z", "object_refs": [ "observed-data--5614b372-c588-4858-9d2e-49ff950d210b", "url--5614b372-c588-4858-9d2e-49ff950d210b", "observed-data--5614b372-4ea4-445f-afd7-4422950d210b", "url--5614b372-4ea4-445f-afd7-4422950d210b", "indicator--5614b39f-64d8-4b64-b679-039f950d210b", "indicator--5614b3a0-9940-40fe-85cc-039f950d210b", "indicator--5614b3a0-4aec-4986-b26d-039f950d210b", "indicator--5614b3a1-7cfc-4ba9-ba3d-039f950d210b", "indicator--5614b3a1-8024-4825-a37f-039f950d210b", "indicator--5614b3a1-bf28-461b-a8e7-039f950d210b", "indicator--5614b3a2-eb6c-41c7-ae3f-039f950d210b", "indicator--5614b3a2-5dd0-4f54-a098-039f950d210b", "indicator--5614b3a3-f0b0-46a6-8044-039f950d210b", "indicator--5614b3a3-1b74-4c5a-8888-039f950d210b", "indicator--5614b3a3-e228-4d49-b26d-039f950d210b", "indicator--5614b3a4-8778-43cf-b928-039f950d210b", "indicator--5614b3a4-d13c-441d-895f-039f950d210b", "indicator--5614b3a4-2e40-4b22-aa1c-039f950d210b", "indicator--5614b3c3-83fc-4ed0-a081-742d950d210b", "indicator--5614b3c3-83c0-4ab4-8283-742d950d210b", "indicator--5614b3c3-6408-44f9-9a30-742d950d210b", "x-misp-attribute--5614b3cb-d90c-4cd7-9af0-4c52950d210b", "x-misp-attribute--5614b3cb-ddcc-4d97-a750-4442950d210b", "x-misp-attribute--5614b3cc-efdc-4e98-b144-4851950d210b", "indicator--5614b3e8-3d10-479c-bf40-4090950d210b", "indicator--5614b3e9-59e0-489b-87b0-468b950d210b", "indicator--5614b3e9-b43c-4af3-b687-4acc950d210b", "indicator--5614b3e9-9898-475b-ad31-4f4f950d210b", "indicator--5614b3ea-3550-46e7-9d96-4883950d210b", "indicator--5614b3ea-6560-4c70-ad4c-4cb1950d210b", "indicator--5614b3ea-cac4-4b39-ba05-48d6950d210b", "indicator--5614b3eb-6bd8-4917-8638-4e8b950d210b", "indicator--5614b3eb-c42c-4a37-8fad-4741950d210b", "indicator--5614b3ec-80e4-4400-9f95-45de950d210b", "indicator--5614b3ec-12e4-4211-8f98-4b44950d210b", "indicator--5614b3ec-cca4-4128-8fe2-4d8d950d210b", "indicator--5614b3ed-8c8c-45be-b368-4897950d210b", "indicator--5614b3ed-7a34-4bc3-bcff-4d49950d210b", "indicator--5614b408-36c8-4d7e-8428-4a82950d210b", "indicator--5614b408-8228-4b01-81f9-421e950d210b", "indicator--5614b409-0698-4781-bf3d-4f60950d210b", "indicator--5614b409-3f50-4d03-9346-4122950d210b", "indicator--5614b409-7744-4438-b170-409c950d210b", "indicator--5614b40a-9958-4005-a693-4b1a950d210b", "indicator--5614b40a-3544-4ac8-9e22-49a1950d210b", "indicator--5614b40b-f104-48a6-a526-4f36950d210b", "indicator--5614b40b-0f8c-438f-a45a-43cf950d210b", "indicator--5614b40b-fdf0-41c0-9ba5-4e79950d210b", "indicator--5614b40c-4360-4083-bde8-41da950d210b", "indicator--5614b40c-c9cc-468d-a66f-4522950d210b", "indicator--5614b40c-01e4-4f9b-a0bd-4413950d210b", "indicator--5614b40d-29b0-4211-bd28-4fa8950d210b", "indicator--5614b424-5a3c-432f-a4c3-46d9950d210b", "indicator--5614b425-3344-44e5-9d5c-45ef950d210b", "indicator--5614b425-49f8-402c-9d25-42f7950d210b", "indicator--5614b426-9ee0-4551-8475-4d7c950d210b", "indicator--5614b427-f2dc-4f70-be42-4e9c950d210b", "indicator--5614b427-c6a4-48f6-8819-49c4950d210b", "indicator--5614b427-3d18-4176-9380-44ee950d210b", "indicator--5614b428-5918-47af-8a40-452f950d210b", "indicator--5614b445-7d18-4c54-8a8d-039e950d210b", "indicator--5614b446-0824-4007-9818-039e950d210b", "indicator--5614b446-7808-4b38-ac99-039e950d210b", "indicator--5614b446-2e04-4f09-94ea-039e950d210b", "indicator--5614b447-9df8-4be9-8eee-039e950d210b", "indicator--5614b447-c670-450d-8928-039e950d210b", "indicator--5614b447-a444-4be6-aefd-039e950d210b", "indicator--5614b448-f088-4995-bc90-039e950d210b", "indicator--5614b448-893c-4e5e-8c1c-039e950d210b", "indicator--5614b449-6310-4648-8c7e-039e950d210b", "indicator--5614b449-88c4-4048-afaa-039e950d210b", "indicator--5614b449-1170-4e16-ae74-039e950d210b", "indicator--5614b44a-da80-4d4f-bc72-039e950d210b", "indicator--5614b44a-2ed8-4ae5-b68f-039e950d210b", "indicator--5614b44a-435c-41df-9bf7-039e950d210b", "indicator--5614b44b-1dd0-4ae3-9aa0-039e950d210b", "indicator--5614b44b-7f00-44e4-8e4f-039e950d210b", "indicator--5614b44c-23a8-45da-a21c-039e950d210b", "indicator--5614b44c-9bb0-4053-82da-039e950d210b", "indicator--5614b44c-25ec-458c-a38f-039e950d210b", "indicator--5614b45f-c34c-4d5c-8592-44ab950d210b", "indicator--5614b460-fe5c-4f97-b743-47ed950d210b", "indicator--5614b460-3f2c-439f-a98a-44da950d210b", "indicator--5614b460-dbd4-42d4-91a8-4e25950d210b", "indicator--5614b461-3964-470d-bf46-495e950d210b", "indicator--5614b461-cc1c-409b-80d5-48e6950d210b", "indicator--5614b462-a2f0-4a58-9765-4edb950d210b", "indicator--5614b462-4b38-4418-8b26-430f950d210b", "indicator--5614b462-1024-4178-9c08-4595950d210b", "indicator--5614b463-6a78-4df1-8436-4f2a950d210b", "indicator--5614b476-dc34-4da6-bf61-742d950d210b", "indicator--5614b477-fe84-4c03-9e08-742d950d210b", "indicator--5614b477-7a44-432c-a364-742d950d210b", "indicator--5614b477-946c-40c7-a02b-742d950d210b", "indicator--5614b478-5280-4a91-b7b2-742d950d210b", "indicator--5614b478-e274-4b54-afbc-742d950d210b", "indicator--5614b479-9b74-4b83-8269-742d950d210b", "indicator--5614b479-78c4-40a7-9d21-742d950d210b", "indicator--5614b479-3528-45b2-b9c5-742d950d210b", "indicator--5614b47a-0b50-4ecf-9077-742d950d210b", "indicator--5614b47a-c3d0-415c-b5f0-742d950d210b", "indicator--5614b47a-dd2c-46b7-94b8-742d950d210b", "indicator--5614b47b-0834-4f89-b5b9-742d950d210b", "indicator--5614b47b-2954-4681-9bbd-742d950d210b", "indicator--5614b47c-dc0c-488e-b86a-742d950d210b", "indicator--5614b47c-62a8-463e-94f8-742d950d210b", "indicator--5614b47c-0bec-429b-ac6e-742d950d210b", "indicator--5614b47d-2878-4966-a8bf-742d950d210b", "indicator--5614b47d-f7f4-46e4-b03a-742d950d210b", "indicator--5614b47d-c6f0-4b7a-99b7-742d950d210b", "indicator--5614b491-46a8-4862-8ccd-4818950d210b", "indicator--5614b492-ffcc-4108-a7a9-4f6b950d210b", "indicator--5614b492-3b64-4836-b6c3-45d0950d210b", "x-misp-attribute--5614b4ed-593c-4e27-a9bd-6aac950d210b" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5614b372-c588-4858-9d2e-49ff950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:53:54.000Z", "modified": "2015-10-07T05:53:54.000Z", "first_observed": "2015-10-07T05:53:54Z", "last_observed": "2015-10-07T05:53:54Z", "number_observed": 1, "object_refs": [ "url--5614b372-c588-4858-9d2e-49ff950d210b" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5614b372-c588-4858-9d2e-49ff950d210b", "value": "http://www.drchaos.com/a-fast-and-furious-drive-by-uncovering-ptdark-attack-sites/" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5614b372-4ea4-445f-afd7-4422950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:53:54.000Z", "modified": "2015-10-07T05:53:54.000Z", "first_observed": "2015-10-07T05:53:54Z", "last_observed": "2015-10-07T05:53:54Z", "number_observed": 1, "object_refs": [ "url--5614b372-4ea4-445f-afd7-4422950d210b" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5614b372-4ea4-445f-afd7-4422950d210b", "value": "http://www.fortinet.com/sites/default/files/whitepapers/WhitePaper-Drive-By-Campaign.pdf" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b39f-64d8-4b64-b679-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:39.000Z", "modified": "2015-10-07T05:54:39.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp88.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a0-9940-40fe-85cc-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:40.000Z", "modified": "2015-10-07T05:54:40.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp93.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a0-4aec-4986-b26d-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:40.000Z", "modified": "2015-10-07T05:54:40.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp74.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a1-7cfc-4ba9-ba3d-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:41.000Z", "modified": "2015-10-07T05:54:41.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp83.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a1-8024-4825-a37f-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:41.000Z", "modified": "2015-10-07T05:54:41.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = '98asas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a1-bf28-461b-a8e7-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:41.000Z", "modified": "2015-10-07T05:54:41.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp20.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a2-eb6c-41c7-ae3f-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:42.000Z", "modified": "2015-10-07T05:54:42.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp57.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a2-5dd0-4f54-a098-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:42.000Z", "modified": "2015-10-07T05:54:42.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp66.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a3-f0b0-46a6-8044-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:43.000Z", "modified": "2015-10-07T05:54:43.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp75.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a3-1b74-4c5a-8888-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:43.000Z", "modified": "2015-10-07T05:54:43.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp85.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a3-e228-4d49-b26d-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:43.000Z", "modified": "2015-10-07T05:54:43.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp95.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a4-8778-43cf-b928-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:44.000Z", "modified": "2015-10-07T05:54:44.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp32.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a4-d13c-441d-895f-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:44.000Z", "modified": "2015-10-07T05:54:44.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp09.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3a4-2e40-4b22-aa1c-039f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:54:44.000Z", "modified": "2015-10-07T05:54:44.000Z", "description": "domain associated with qianxxxx1@gmail.com", "pattern": "[domain-name:value = 'xpxp69.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:54:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3c3-83fc-4ed0-a081-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:15.000Z", "modified": "2015-10-07T05:55:15.000Z", "description": "Registrant", "pattern": "[email-message:from_ref.value = 'qianxxxx1@gmail.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"email-src\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3c3-83c0-4ab4-8283-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:15.000Z", "modified": "2015-10-07T05:55:15.000Z", "description": "Registrant", "pattern": "[email-message:from_ref.value = 'qianxxxx2@gmail.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"email-src\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3c3-6408-44f9-9a30-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:15.000Z", "modified": "2015-10-07T05:55:15.000Z", "description": "Registrant", "pattern": "[email-message:from_ref.value = 'qianxxxx3@gmail.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"email-src\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5614b3cb-d90c-4cd7-9af0-4c52950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:23.000Z", "modified": "2015-10-07T05:55:23.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"Attribution\"" ], "x_misp_category": "Attribution", "x_misp_type": "text", "x_misp_value": "qianxxxx1@gmail.com" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5614b3cb-ddcc-4d97-a750-4442950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:23.000Z", "modified": "2015-10-07T05:55:23.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"Attribution\"" ], "x_misp_category": "Attribution", "x_misp_type": "text", "x_misp_value": "qianxxxx2@gmail.com" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5614b3cc-efdc-4e98-b144-4851950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:24.000Z", "modified": "2015-10-07T05:55:24.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"Attribution\"" ], "x_misp_category": "Attribution", "x_misp_type": "text", "x_misp_value": "qianxxxx3@gmail.com" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3e8-3d10-479c-bf40-4090950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:52.000Z", "modified": "2015-10-07T05:55:52.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '77xxee.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3e9-59e0-489b-87b0-468b950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:53.000Z", "modified": "2015-10-07T05:55:53.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '55jjkk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3e9-b43c-4af3-b687-4acc950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:53.000Z", "modified": "2015-10-07T05:55:53.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '800aaa.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3e9-9898-475b-ad31-4f4f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:53.000Z", "modified": "2015-10-07T05:55:53.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22xcxc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ea-3550-46e7-9d96-4883950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:54.000Z", "modified": "2015-10-07T05:55:54.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22vvyy.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ea-6560-4c70-ad4c-4cb1950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:54.000Z", "modified": "2015-10-07T05:55:54.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22eevv.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ea-cac4-4b39-ba05-48d6950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:54.000Z", "modified": "2015-10-07T05:55:54.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22kkvv.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3eb-6bd8-4917-8638-4e8b950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:55.000Z", "modified": "2015-10-07T05:55:55.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22xxdd.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3eb-c42c-4a37-8fad-4741950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:55.000Z", "modified": "2015-10-07T05:55:55.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '22vvxx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ec-80e4-4400-9f95-45de950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:56.000Z", "modified": "2015-10-07T05:55:56.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '66kkjj.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ec-12e4-4211-8f98-4b44950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:56.000Z", "modified": "2015-10-07T05:55:56.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '88zxzx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ec-cca4-4128-8fe2-4d8d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:56.000Z", "modified": "2015-10-07T05:55:56.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '11eevv.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ed-8c8c-45be-b368-4897950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:57.000Z", "modified": "2015-10-07T05:55:57.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '55zxzx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b3ed-7a34-4bc3-bcff-4d49950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:55:57.000Z", "modified": "2015-10-07T05:55:57.000Z", "description": "Domain associated with qianxxxx2@gmail.com", "pattern": "[domain-name:value = '55vvxx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:55:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b408-36c8-4d7e-8428-4a82950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:24.000Z", "modified": "2015-10-07T05:56:24.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '80wbw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b408-8228-4b01-81f9-421e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:24.000Z", "modified": "2015-10-07T05:56:24.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '70wbw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b409-0698-4781-bf3d-4f60950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:25.000Z", "modified": "2015-10-07T05:56:25.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '800qaz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b409-3f50-4d03-9346-4122950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:25.000Z", "modified": "2015-10-07T05:56:25.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '789kxk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b409-7744-4438-b170-409c950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:25.000Z", "modified": "2015-10-07T05:56:25.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '30wbw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40a-9958-4005-a693-4b1a950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:26.000Z", "modified": "2015-10-07T05:56:26.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '22qaz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40a-3544-4ac8-9e22-49a1950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:26.000Z", "modified": "2015-10-07T05:56:26.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '88kjk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40b-f104-48a6-a526-4f36950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:27.000Z", "modified": "2015-10-07T05:56:27.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '800wbw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40b-0f8c-438f-a45a-43cf950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:27.000Z", "modified": "2015-10-07T05:56:27.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '400kjk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40b-fdf0-41c0-9ba5-4e79950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:27.000Z", "modified": "2015-10-07T05:56:27.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '300wbw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40c-4360-4083-bde8-41da950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:28.000Z", "modified": "2015-10-07T05:56:28.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '789xmx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40c-c9cc-468d-a66f-4522950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:28.000Z", "modified": "2015-10-07T05:56:28.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '70kxk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40c-01e4-4f9b-a0bd-4413950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:28.000Z", "modified": "2015-10-07T05:56:28.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '222kxk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b40d-29b0-4211-bd28-4fa8950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:29.000Z", "modified": "2015-10-07T05:56:29.000Z", "description": "Domain associated with qianxxxx3@gmail.com", "pattern": "[domain-name:value = '789kjk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b424-5a3c-432f-a4c3-46d9950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:52.000Z", "modified": "2015-10-07T05:56:52.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = 'xpxp64.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b425-3344-44e5-9d5c-45ef950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:53.000Z", "modified": "2015-10-07T05:56:53.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '23asas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b425-49f8-402c-9d25-42f7950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:53.000Z", "modified": "2015-10-07T05:56:53.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '24asas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b426-9ee0-4551-8475-4d7c950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:54.000Z", "modified": "2015-10-07T05:56:54.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '200kxk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b427-f2dc-4f70-be42-4e9c950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:55.000Z", "modified": "2015-10-07T05:56:55.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = 'xpxp33.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b427-c6a4-48f6-8819-49c4950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:55.000Z", "modified": "2015-10-07T05:56:55.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '65asas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b427-3d18-4176-9380-44ee950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:55.000Z", "modified": "2015-10-07T05:56:55.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '789xkx.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b428-5918-47af-8a40-452f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:56:56.000Z", "modified": "2015-10-07T05:56:56.000Z", "description": "Domain associated with LIU YUMING", "pattern": "[domain-name:value = '71asas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:56:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b445-7d18-4c54-8a8d-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:25.000Z", "modified": "2015-10-07T05:57:25.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.52']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b446-0824-4007-9818-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:26.000Z", "modified": "2015-10-07T05:57:26.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.49']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b446-7808-4b38-ac99-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:26.000Z", "modified": "2015-10-07T05:57:26.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.57']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b446-2e04-4f09-94ea-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:26.000Z", "modified": "2015-10-07T05:57:26.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.56']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b447-9df8-4be9-8eee-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:27.000Z", "modified": "2015-10-07T05:57:27.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.47']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b447-c670-450d-8928-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:27.000Z", "modified": "2015-10-07T05:57:27.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b447-a444-4be6-aefd-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:27.000Z", "modified": "2015-10-07T05:57:27.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.34']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b448-f088-4995-bc90-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:28.000Z", "modified": "2015-10-07T05:57:28.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.39']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b448-893c-4e5e-8c1c-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:28.000Z", "modified": "2015-10-07T05:57:28.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.58']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b449-6310-4648-8c7e-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:29.000Z", "modified": "2015-10-07T05:57:29.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.51']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b449-88c4-4048-afaa-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:29.000Z", "modified": "2015-10-07T05:57:29.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.35']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b449-1170-4e16-ae74-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:29.000Z", "modified": "2015-10-07T05:57:29.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.60']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44a-da80-4d4f-bc72-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:30.000Z", "modified": "2015-10-07T05:57:30.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.38']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44a-2ed8-4ae5-b68f-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:30.000Z", "modified": "2015-10-07T05:57:30.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.45']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44a-435c-41df-9bf7-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:30.000Z", "modified": "2015-10-07T05:57:30.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.48']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44b-1dd0-4ae3-9aa0-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:31.000Z", "modified": "2015-10-07T05:57:31.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.53']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44b-7f00-44e4-8e4f-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:31.000Z", "modified": "2015-10-07T05:57:31.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.37']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44c-23a8-45da-a21c-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:31.000Z", "modified": "2015-10-07T05:57:31.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.42']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44c-9bb0-4053-82da-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:32.000Z", "modified": "2015-10-07T05:57:32.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.41']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b44c-25ec-458c-a38f-039e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:32.000Z", "modified": "2015-10-07T05:57:32.000Z", "description": "Associated with qianxxxx1@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.36']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b45f-c34c-4d5c-8592-44ab950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:51.000Z", "modified": "2015-10-07T05:57:51.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.136']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b460-fe5c-4f97-b743-47ed950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:52.000Z", "modified": "2015-10-07T05:57:52.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b460-3f2c-439f-a98a-44da950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:52.000Z", "modified": "2015-10-07T05:57:52.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.157']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b460-dbd4-42d4-91a8-4e25950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:52.000Z", "modified": "2015-10-07T05:57:52.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.151']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b461-3964-470d-bf46-495e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:53.000Z", "modified": "2015-10-07T05:57:53.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.131']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b461-cc1c-409b-80d5-48e6950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:53.000Z", "modified": "2015-10-07T05:57:53.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.132']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b462-a2f0-4a58-9765-4edb950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:54.000Z", "modified": "2015-10-07T05:57:54.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.138']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b462-4b38-4418-8b26-430f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:54.000Z", "modified": "2015-10-07T05:57:54.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.133']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b462-1024-4178-9c08-4595950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:54.000Z", "modified": "2015-10-07T05:57:54.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b463-6a78-4df1-8436-4f2a950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:57:55.000Z", "modified": "2015-10-07T05:57:55.000Z", "description": "Associated with qianxxxx2@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.143']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:57:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b476-dc34-4da6-bf61-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:14.000Z", "modified": "2015-10-07T05:58:14.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.148']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b477-fe84-4c03-9e08-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:15.000Z", "modified": "2015-10-07T05:58:15.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.133']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b477-7a44-432c-a364-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:15.000Z", "modified": "2015-10-07T05:58:15.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.157']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b477-946c-40c7-a02b-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:15.000Z", "modified": "2015-10-07T05:58:15.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.144']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b478-5280-4a91-b7b2-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:16.000Z", "modified": "2015-10-07T05:58:16.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b478-e274-4b54-afbc-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:16.000Z", "modified": "2015-10-07T05:58:16.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b479-9b74-4b83-8269-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:17.000Z", "modified": "2015-10-07T05:58:17.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b479-78c4-40a7-9d21-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:17.000Z", "modified": "2015-10-07T05:58:17.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.142']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b479-3528-45b2-b9c5-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:17.000Z", "modified": "2015-10-07T05:58:17.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47a-0b50-4ecf-9077-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:18.000Z", "modified": "2015-10-07T05:58:18.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.156']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47a-c3d0-415c-b5f0-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:18.000Z", "modified": "2015-10-07T05:58:18.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.138']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47a-dd2c-46b7-94b8-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:18.000Z", "modified": "2015-10-07T05:58:18.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.154']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47b-0834-4f89-b5b9-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:19.000Z", "modified": "2015-10-07T05:58:19.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.151']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47b-2954-4681-9bbd-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:19.000Z", "modified": "2015-10-07T05:58:19.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47c-dc0c-488e-b86a-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:20.000Z", "modified": "2015-10-07T05:58:20.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.145']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47c-62a8-463e-94f8-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:20.000Z", "modified": "2015-10-07T05:58:20.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.137']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47c-0bec-429b-ac6e-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:20.000Z", "modified": "2015-10-07T05:58:20.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.150']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47d-2878-4966-a8bf-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:21.000Z", "modified": "2015-10-07T05:58:21.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.152']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47d-f7f4-46e4-b03a-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:21.000Z", "modified": "2015-10-07T05:58:21.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.147']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b47d-c6f0-4b7a-99b7-742d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:21.000Z", "modified": "2015-10-07T05:58:21.000Z", "description": "Associated with qianxxxx3@gmail.com", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.143']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b491-46a8-4862-8ccd-4818950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:41.000Z", "modified": "2015-10-07T05:58:41.000Z", "description": "Associated with LIU YUMING", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b492-ffcc-4108-a7a9-4f6b950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:42.000Z", "modified": "2015-10-07T05:58:42.000Z", "description": "Associated with LIU YUMING", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5614b492-3b64-4836-b6c3-45d0950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T05:58:42.000Z", "modified": "2015-10-07T05:58:42.000Z", "description": "Associated with LIU YUMING", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.131']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2015-10-07T05:58:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5614b4ed-593c-4e27-a9bd-6aac950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2015-10-07T06:00:33.000Z", "modified": "2015-10-07T06:00:33.000Z", "labels": [ "misp:type=\"comment\"", "misp:category=\"Network activity\"" ], "x_misp_category": "Network activity", "x_misp_type": "comment", "x_misp_value": "NetBlocks with high levels of suspicious activity\r\nPT-82-4 (NET-142-4-96-0-1) 142.4.96.0 - 142.4.127.255\r\nPT-82V601 (NET6-2605-7280-1) 2605:7280:: -\r\n2605:7280:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF\r\nPT-82-8 (NET-137-175-0-0-1) 137.175.0.0 - 137.175.127.255\r\nPT-82-2 (NET-199-180-100-0-1) 199.180.100.0 - 199.180.103.255\r\nPT-82-1 (NET-199-188-104-0-1) 199.188.104.0 - 199.188.111.255\r\nPT-82-3 (NET-142-0-128-0-1) 142.0.128.0 - 142.0.143.255\r\nPT-82-5 (NET-192-74-224-0-1) 192.74.224.0 - 192.74.255.255\r\nPT-82-6 (NET-198-200-32-0-1) 198.200.32.0 - 198.200.63.255" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }