{ "type": "bundle", "id": "bundle--576cee20-2a04-4683-aae1-441c950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:47.000Z", "modified": "2016-06-24T08:25:47.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--576cee20-2a04-4683-aae1-441c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:47.000Z", "modified": "2016-06-24T08:25:47.000Z", "name": "Malspam 2016-06-23 (Locky)", "published": "2016-06-24T09:19:56Z", "object_refs": [ "indicator--576cee58-cb54-4014-80cf-400d950d210f", "indicator--576cee58-71ac-47a8-a5e6-445b950d210f", "indicator--576cee59-c558-49bf-a6bc-4f18950d210f", "indicator--576cee59-96bc-4a74-9905-46de950d210f", "indicator--576cee59-8884-4c6a-9a9e-4ae6950d210f", "indicator--576cee59-ac34-43d8-ad91-49b0950d210f", "indicator--576cee5a-9858-4ff4-b1f2-402a950d210f", "indicator--576cee5a-80a0-41a7-a225-4346950d210f", "indicator--576cee5a-8f14-4d0a-9a39-4951950d210f", "indicator--576cee5a-b09c-4399-aa85-43c2950d210f", "indicator--576cee5a-9158-42ee-88ec-4d7c950d210f", "indicator--576cee5a-e2c8-46f9-89dc-4473950d210f", "indicator--576cee5b-3a38-4993-b7cb-479d950d210f", "indicator--576cee5b-ca0c-43bb-a495-4090950d210f", "indicator--576cee5b-a0e8-472e-ae60-4d90950d210f", "indicator--576cee5b-cce8-4406-8d1c-4625950d210f", "indicator--576cee5b-d298-4215-b7f2-4d39950d210f", "indicator--576cee5c-a99c-41c4-ac28-45c1950d210f", "indicator--576cee5c-46dc-4d6f-862d-429a950d210f", "indicator--576cee5c-db70-4575-9b36-41c4950d210f", "indicator--576cee5c-9bd4-4310-9596-408f950d210f", "indicator--576cee5c-09fc-482f-9f46-425e950d210f", "indicator--576cee5c-40a8-47ac-a9d5-4317950d210f", "indicator--576cee5d-80c8-4c06-8467-4cd6950d210f", "indicator--576cee5d-db80-4a23-94e1-40ee950d210f", "indicator--576cee5d-7228-402a-b627-42f9950d210f", "indicator--576cee5d-d40c-46ca-bab5-49b3950d210f", "indicator--576cee5d-2998-4042-ad3a-413b950d210f", "indicator--576cee5d-8944-459c-86a6-43f8950d210f", "indicator--576cee5e-86b0-4504-915a-4dc2950d210f", "indicator--576cee5e-f258-41d5-abeb-4703950d210f", "indicator--576cee5e-4cf4-4aa6-b6d6-4736950d210f", "indicator--576cee5e-c240-4aeb-aede-42d6950d210f", "indicator--576cee5e-bee8-4927-8665-4acb950d210f", "indicator--576cee5f-8000-481b-af42-4f8d950d210f", "indicator--576cee5f-fba8-4a02-b234-4778950d210f", "indicator--576cee5f-a1f8-4acb-afe5-4020950d210f", "indicator--576cee5f-9c78-476f-af3e-45d1950d210f", "indicator--576cee5f-fe68-42bf-b66f-4e98950d210f", "indicator--576cee5f-8bdc-44bf-b09f-45f1950d210f", "indicator--576cee60-09a8-4f62-b338-45ec950d210f", "indicator--576cee60-8aa8-4608-97da-41f1950d210f", "indicator--576cee60-29e4-400a-9847-4986950d210f", "indicator--576cee60-7694-4db3-85d0-41de950d210f", "indicator--576cee60-c6c8-48da-8d2c-48d5950d210f", "indicator--576cee60-67c4-44b3-a751-4e75950d210f", "indicator--576cee61-89b0-4616-905d-45d3950d210f", "indicator--576cee61-b3c4-4447-8683-4a5a950d210f", "indicator--576cee61-7f64-467a-9174-4d6f950d210f", "indicator--576cee61-df80-4163-a0f1-44b8950d210f", "indicator--576cee61-d814-480f-b86d-4d4f950d210f", "indicator--576cee61-4fa8-4e98-8540-45c5950d210f", "indicator--576cee62-b4d8-4018-a7a5-41f2950d210f", "indicator--576cee62-81c8-4d9a-969e-45a9950d210f", "indicator--576cee62-e148-499c-95f2-4ffa950d210f", "indicator--576cee62-591c-4c86-b5bb-4171950d210f", "indicator--576cee62-cebc-44c1-b802-4f8b950d210f", "indicator--576cee62-d2ec-48d6-b8a1-4d18950d210f", "indicator--576cee63-d83c-4bd2-bab2-4013950d210f", "indicator--576cee63-5838-4000-9043-45aa950d210f", "indicator--576cee63-6afc-480b-8e47-4700950d210f", "indicator--576cee63-9398-4acf-888c-4cc5950d210f", "indicator--576cee63-c0e4-4290-9575-43d6950d210f", "indicator--576cee64-79b8-4e33-b8ca-4840950d210f", "indicator--576cee64-3f2c-423b-840c-492e950d210f", "indicator--576cee64-1e04-4aed-8afe-432f950d210f", "indicator--576cee64-41cc-473e-bf71-445e950d210f", "indicator--576cee64-8c38-4e0d-b163-4a04950d210f", "indicator--576cee64-2ccc-4e70-a492-405a950d210f", "indicator--576cee65-e54c-4465-b826-426c950d210f", "indicator--576cee65-d264-4df6-95bb-43c3950d210f", "indicator--576cee65-8b60-493b-9f3f-4951950d210f", "indicator--576cee65-afe8-4517-b490-4f3e950d210f", "indicator--576cee65-eaa0-4394-bcb1-4af7950d210f", "indicator--576cee65-d6c0-4a74-8cd8-44e1950d210f", "indicator--576cee66-4e00-4e54-821f-4331950d210f", "indicator--576cee66-7344-4dc4-aed7-47a6950d210f", "indicator--576cee66-0c78-4ce3-9e32-4e30950d210f", "indicator--576cee66-5fb0-4d71-814d-4299950d210f", "indicator--576cee66-65c8-4104-ba59-43ef950d210f", "indicator--576cee66-a8e8-4ed0-b375-4bdd950d210f", "indicator--576cee67-19f4-4dff-9593-4c92950d210f", "indicator--576cee67-5098-4e47-9614-4d3a950d210f", "indicator--576cee67-c65c-4ab6-9fa0-414d950d210f", "indicator--576cee67-222c-4837-9ac6-4779950d210f", "indicator--576cee67-d7f8-4a99-80a1-4330950d210f", "indicator--576cee67-6bc8-44f2-8a22-4581950d210f", "indicator--576cee68-e9e4-44b2-a98a-4c52950d210f", "indicator--576cee68-51f4-45aa-9ad9-4c6e950d210f", "indicator--576cee68-70f4-43ba-9ff7-4b5a950d210f", "indicator--576cee68-ecdc-4e49-9e5f-4152950d210f", "indicator--576cee68-88b8-4ccf-aaf0-43b7950d210f", "indicator--576cee69-c930-4e2a-acce-4b65950d210f", "indicator--576cee69-6904-4708-b2b1-4908950d210f", "indicator--576cee69-68ac-4400-8c72-42f5950d210f", "indicator--576cee69-f11c-4439-a73a-473b950d210f", "indicator--576cee69-0824-4eee-854e-4ba0950d210f", "indicator--576cee69-6f78-416a-874c-4127950d210f", "indicator--576cee6a-173c-47a3-bdb9-4e21950d210f", "indicator--576cee6a-9e60-4ac4-9442-467e950d210f", "indicator--576cee6a-9410-477a-8fa0-4cbf950d210f", "indicator--576cee6a-eb1c-40e5-acf6-47c3950d210f", "indicator--576cee6a-c1ec-4976-830b-458c950d210f", "indicator--576cee6b-6274-4f50-9cd1-4b90950d210f", "indicator--576cee6b-5b84-4ca6-bacc-4b5b950d210f", "indicator--576cee6b-50b4-4aa3-999e-4844950d210f", "indicator--576cee6b-1ac8-4a58-ab80-4e95950d210f", "indicator--576cee6b-1218-4ac1-8459-4a87950d210f", "indicator--576cee6b-98f0-4789-8085-4046950d210f", "indicator--576cee6c-98b4-453c-a045-42e7950d210f", "indicator--576cee6c-06f8-400b-a801-4ef1950d210f", "indicator--576cee6c-9a94-4328-8f1c-41d3950d210f", "indicator--576cee6c-ace8-4364-a4bd-440a950d210f", "indicator--576cee6c-2d0c-4e6e-bcea-4430950d210f", "indicator--576cee6d-36b0-432e-98bc-4c92950d210f", "indicator--576cee6d-271c-4cd7-a4c0-448e950d210f", "indicator--576cee6d-f2d8-4369-9fbf-417e950d210f", "indicator--576cee6d-47dc-47c4-8094-487f950d210f", "indicator--576cee6d-f8a0-4e17-aeec-4a52950d210f", "indicator--576cee6d-52d8-4786-b7c9-49f6950d210f", "indicator--576cee6e-d88c-4ae6-972c-43e7950d210f", "indicator--576cee6e-ae4c-4a57-bc13-490c950d210f", "indicator--576cee6e-e794-423f-a372-4c61950d210f", "indicator--576cee6e-a20c-4756-aadf-4276950d210f", "indicator--576cee6e-f15c-4e18-bc37-402e950d210f", "indicator--576cee6e-d068-41b7-b221-4e25950d210f", "indicator--576cee6f-a788-43f6-a102-422d950d210f", "indicator--576cee6f-dc30-406b-a585-4417950d210f", "indicator--576cee6f-7c54-4215-80d5-47cd950d210f", "indicator--576cee6f-2884-4a6e-a734-4684950d210f", "indicator--576cee6f-0f54-47ff-892c-45d9950d210f", "indicator--576cee70-5454-40ca-b536-4cd0950d210f", "indicator--576cee70-8138-4d51-ae35-4d92950d210f", "indicator--576cee70-73a4-451a-8605-4099950d210f", "indicator--576cee70-1acc-4994-801c-4936950d210f", "indicator--576cee70-86f4-4a98-8f07-4c07950d210f", "indicator--576cee71-cbe0-436a-a139-45eb950d210f", "indicator--576cee71-c9cc-4c90-829f-4469950d210f", "indicator--576cee71-bee0-4ddf-881c-4cec950d210f", "indicator--576cee71-18c0-45eb-a043-4a86950d210f", "indicator--576cee71-a374-4e1f-9409-49dc950d210f", "indicator--576cee72-673c-488a-a3d1-465a950d210f", "indicator--576cee72-d058-41eb-a0a2-4755950d210f", "indicator--576cee72-3700-41f6-a1bf-483e950d210f", "indicator--576cee72-6bd4-4cab-8211-44a7950d210f", "indicator--576cee72-aa30-461c-b58d-4454950d210f", "indicator--576cee73-3df0-4fb7-a397-4eb2950d210f", "indicator--576cee73-6504-4441-bc71-4e92950d210f", "indicator--576cee73-35bc-4d08-b6f7-4b40950d210f", "indicator--576cee73-38ac-4474-8526-4e7c950d210f", "x-misp-attribute--576cee8b-b888-45a1-af24-4e2b950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"", "veris:action:malware:variety=\"Ransomware\"", "ecsirt:malicious-code=\"ransomware\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee58-cb54-4014-80cf-400d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:56.000Z", "modified": "2016-06-24T08:24:56.000Z", "description": "download location", "pattern": "[url:value = 'http://focolareostuni.it/0k2ren']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee58-71ac-47a8-a5e6-445b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:56.000Z", "modified": "2016-06-24T08:24:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'focolareostuni.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee59-c558-49bf-a6bc-4f18950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:57.000Z", "modified": "2016-06-24T08:24:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.73.226.220']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee59-96bc-4a74-9905-46de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:57.000Z", "modified": "2016-06-24T08:24:57.000Z", "description": "download location", "pattern": "[url:value = 'http://4k18.com/u69f97']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee59-8884-4c6a-9a9e-4ae6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:57.000Z", "modified": "2016-06-24T08:24:57.000Z", "description": "download location", "pattern": "[domain-name:value = '4k18.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee59-ac34-43d8-ad91-49b0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:57.000Z", "modified": "2016-06-24T08:24:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.152.168.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-9858-4ff4-b1f2-402a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:57.000Z", "modified": "2016-06-24T08:24:57.000Z", "description": "download location", "pattern": "[url:value = 'http://arogyaforhealth.com/jujg6ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-80a0-41a7-a225-4346950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:58.000Z", "modified": "2016-06-24T08:24:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'arogyaforhealth.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-8f14-4d0a-9a39-4951950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:58.000Z", "modified": "2016-06-24T08:24:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.65.228']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-b09c-4399-aa85-43c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:58.000Z", "modified": "2016-06-24T08:24:58.000Z", "description": "download location", "pattern": "[url:value = 'http://empiredeckandfence.com/h2uppib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-9158-42ee-88ec-4d7c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:58.000Z", "modified": "2016-06-24T08:24:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'empiredeckandfence.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5a-e2c8-46f9-89dc-4473950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:58.000Z", "modified": "2016-06-24T08:24:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.225.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5b-3a38-4993-b7cb-479d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[url:value = 'http://margohack.za.pl/wkiokl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5b-ca0c-43bb-a495-4090950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'margohack.za.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5b-a0e8-472e-ae60-4d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.203.99.113']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5b-cce8-4406-8d1c-4625950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[url:value = 'http://bobbysinghwpg.com/pdqcqlnr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5b-d298-4215-b7f2-4d39950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'bobbysinghwpg.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-a99c-41c4-ac28-45c1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:24:59.000Z", "modified": "2016-06-24T08:24:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.246.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:24:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-46dc-4d6f-862d-429a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:00.000Z", "modified": "2016-06-24T08:25:00.000Z", "description": "download location", "pattern": "[url:value = 'http://abligl.com/8v62l4i4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-db70-4575-9b36-41c4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:00.000Z", "modified": "2016-06-24T08:25:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'abligl.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-9bd4-4310-9596-408f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:00.000Z", "modified": "2016-06-24T08:25:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.73.196']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-09fc-482f-9f46-425e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:00.000Z", "modified": "2016-06-24T08:25:00.000Z", "description": "download location", "pattern": "[url:value = 'http://mycreativeprint.com/mqib9te']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5c-40a8-47ac-a9d5-4317950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:00.000Z", "modified": "2016-06-24T08:25:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'mycreativeprint.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-80c8-4c06-8467-4cd6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.198.185']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-db80-4a23-94e1-40ee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[url:value = 'http://bptec.ir/kvk9leho']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-7228-402a-b627-42f9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'bptec.ir']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-d40c-46ca-bab5-49b3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.38.60.148']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-2998-4042-ad3a-413b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[url:value = 'http://www.keven.site.aplus.net/fmlonxl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5d-8944-459c-86a6-43f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:01.000Z", "modified": "2016-06-24T08:25:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.keven.site.aplus.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5e-86b0-4504-915a-4dc2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:02.000Z", "modified": "2016-06-24T08:25:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5e-f258-41d5-abeb-4703950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:02.000Z", "modified": "2016-06-24T08:25:02.000Z", "description": "download location", "pattern": "[url:value = 'http://cond.gribochechki.ru/zibni']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5e-4cf4-4aa6-b6d6-4736950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:02.000Z", "modified": "2016-06-24T08:25:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'cond.gribochechki.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5e-c240-4aeb-aede-42d6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:02.000Z", "modified": "2016-06-24T08:25:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '143.95.250.67']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5e-bee8-4927-8665-4acb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:02.000Z", "modified": "2016-06-24T08:25:02.000Z", "description": "download location", "pattern": "[url:value = 'http://redpower.com.au/xlkdld']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-8000-481b-af42-4f8d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'redpower.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-fba8-4a02-b234-4778950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.132.10.3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-a1f8-4acb-afe5-4020950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[url:value = 'http://www.ellicottcitypediatrics.com/7d6sdl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-9c78-476f-af3e-45d1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.ellicottcitypediatrics.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-fe68-42bf-b66f-4e98950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.33.222.26']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee5f-8bdc-44bf-b09f-45f1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:03.000Z", "modified": "2016-06-24T08:25:03.000Z", "description": "download location", "pattern": "[url:value = 'http://ideograph.com/k7qfsxx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-09a8-4f62-b338-45ec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'ideograph.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-8aa8-4608-97da-41f1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '75.119.198.150']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-29e4-400a-9847-4986950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[url:value = 'http://grantica.ru/6hjli']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-7694-4db3-85d0-41de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'grantica.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-c6c8-48da-8d2c-48d5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.174.64.15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee60-67c4-44b3-a751-4e75950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:04.000Z", "modified": "2016-06-24T08:25:04.000Z", "description": "download location", "pattern": "[url:value = 'http://disneyexperience.com/psyyhe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-89b0-4616-905d-45d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'disneyexperience.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-b3c4-4447-8683-4a5a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.254.188.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-7f64-467a-9174-4d6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[url:value = 'http://boranwebshop.nl/ggc7ld']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-df80-4163-a0f1-44b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'boranwebshop.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-d814-480f-b86d-4d4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.226.62.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee61-4fa8-4e98-8540-45c5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:05.000Z", "modified": "2016-06-24T08:25:05.000Z", "description": "download location", "pattern": "[url:value = 'http://aberfoyledental.ca/6dil05']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-b4d8-4018-a7a5-41f2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'aberfoyledental.ca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-81c8-4d9a-969e-45a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.156.240.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-e148-499c-95f2-4ffa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[url:value = 'http://clients.seospell.co.in/fkn67zy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-591c-4c86-b5bb-4171950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'clients.seospell.co.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-cebc-44c1-b802-4f8b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.131.128']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee62-d2ec-48d6-b8a1-4d18950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:06.000Z", "modified": "2016-06-24T08:25:06.000Z", "description": "download location", "pattern": "[url:value = 'http://climairuk.com/h32k491o']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee63-d83c-4bd2-bab2-4013950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:07.000Z", "modified": "2016-06-24T08:25:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'climairuk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee63-5838-4000-9043-45aa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:07.000Z", "modified": "2016-06-24T08:25:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.118.237.109']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee63-6afc-480b-8e47-4700950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:07.000Z", "modified": "2016-06-24T08:25:07.000Z", "description": "download location", "pattern": "[url:value = 'http://century21keim.com/c7xb2xy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee63-9398-4acf-888c-4cc5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:07.000Z", "modified": "2016-06-24T08:25:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'century21keim.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee63-c0e4-4290-9575-43d6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:07.000Z", "modified": "2016-06-24T08:25:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.204.248.105']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-79b8-4e33-b8ca-4840950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[url:value = 'http://www.darkhollowcoffee.com/oqlyd9m']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-3f2c-423b-840c-492e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.darkhollowcoffee.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-1e04-4aed-8afe-432f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.175.58.9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-41cc-473e-bf71-445e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[url:value = 'http://euro-support.be/rdl3n7u']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-8c38-4e0d-b163-4a04950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'euro-support.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee64-2ccc-4e70-a492-405a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:08.000Z", "modified": "2016-06-24T08:25:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.62.167.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-e54c-4465-b826-426c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[url:value = 'http://matvil8.freehostia.com/64tmb1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-d264-4df6-95bb-43c3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'matvil8.freehostia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-8b60-493b-9f3f-4951950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.102.232']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-afe8-4517-b490-4f3e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[url:value = 'http://freesource.su/ijugasq1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-eaa0-4394-bcb1-4af7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'freesource.su']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee65-d6c0-4a74-8cd8-44e1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:09.000Z", "modified": "2016-06-24T08:25:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '136.243.176.66']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-4e00-4e54-821f-4331950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[url:value = 'http://cg.wandashops.com/evqbfwkx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-7344-4dc4-aed7-47a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'cg.wandashops.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-0c78-4ce3-9e32-4e30950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.25.235.209']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-5fb0-4d71-814d-4299950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[url:value = 'http://adbm.co.uk/1o2wejz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-65c8-4104-ba59-43ef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'adbm.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee66-a8e8-4ed0-b375-4bdd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:10.000Z", "modified": "2016-06-24T08:25:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.6.169.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-19f4-4dff-9593-4c92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[url:value = 'http://capitalwomanmagazine.ca/6k1oig']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-5098-4e47-9614-4d3a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'capitalwomanmagazine.ca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-c65c-4ab6-9fa0-414d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '65.39.184.151']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-222c-4837-9ac6-4779950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[url:value = 'http://babycotsonline.com/ph42q6ue']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-d7f8-4a99-80a1-4330950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'babycotsonline.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee67-6bc8-44f2-8a22-4581950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:11.000Z", "modified": "2016-06-24T08:25:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.146.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee68-e9e4-44b2-a98a-4c52950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:12.000Z", "modified": "2016-06-24T08:25:12.000Z", "description": "download location", "pattern": "[url:value = 'http://bilgoray.com/vi5sfu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee68-51f4-45aa-9ad9-4c6e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:12.000Z", "modified": "2016-06-24T08:25:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'bilgoray.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee68-70f4-43ba-9ff7-4b5a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:12.000Z", "modified": "2016-06-24T08:25:12.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.120.252.191']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee68-ecdc-4e49-9e5f-4152950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:12.000Z", "modified": "2016-06-24T08:25:12.000Z", "description": "download location", "pattern": "[url:value = 'http://tip.ub.ac.id/k2e32vh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee68-88b8-4ccf-aaf0-43b7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:12.000Z", "modified": "2016-06-24T08:25:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'tip.ub.ac.id']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-c930-4e2a-acce-4b65950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.45.184.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-6904-4708-b2b1-4908950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[url:value = 'http://promoresults.com.au/gx4al']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-68ac-4400-8c72-42f5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'promoresults.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-f11c-4439-a73a-473b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.124.241.203']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-0824-4eee-854e-4ba0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[url:value = 'http://immoclic.o2switch.net/styvuwti']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee69-6f78-416a-874c-4127950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:13.000Z", "modified": "2016-06-24T08:25:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'immoclic.o2switch.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6a-173c-47a3-bdb9-4e21950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:14.000Z", "modified": "2016-06-24T08:25:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.160.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6a-9e60-4ac4-9442-467e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:14.000Z", "modified": "2016-06-24T08:25:14.000Z", "description": "download location", "pattern": "[url:value = 'http://www.centroinfantilelmolino.com/60wfh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6a-9410-477a-8fa0-4cbf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:14.000Z", "modified": "2016-06-24T08:25:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.centroinfantilelmolino.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6a-eb1c-40e5-acf6-47c3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:14.000Z", "modified": "2016-06-24T08:25:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.76.156.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6a-c1ec-4976-830b-458c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:14.000Z", "modified": "2016-06-24T08:25:14.000Z", "description": "download location", "pattern": "[url:value = 'http://karl-lee.se/x23ft']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-6274-4f50-9cd1-4b90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'karl-lee.se']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-5b84-4ca6-bacc-4b5b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.247.170.75']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-50b4-4aa3-999e-4844950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[url:value = 'http://atlantaelectronics.co.id/quv7rcc1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-1ac8-4a58-ab80-4e95950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'atlantaelectronics.co.id']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-1218-4ac1-8459-4a87950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.241.184.10']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6b-98f0-4789-8085-4046950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:15.000Z", "modified": "2016-06-24T08:25:15.000Z", "description": "download location", "pattern": "[url:value = 'http://oakashandthorn.charybdis.seedboxes.cc/f7ge4y3k']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6c-98b4-453c-a045-42e7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'oakashandthorn.charybdis.seedboxes.cc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6c-06f8-400b-a801-4ef1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.149.90.4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6c-9a94-4328-8f1c-41d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[url:value = 'http://certifiedbanker.org/obmv6590']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6c-ace8-4364-a4bd-440a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'certifiedbanker.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6c-2d0c-4e6e-bcea-4430950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.63.125.135']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-36b0-432e-98bc-4c92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:16.000Z", "modified": "2016-06-24T08:25:16.000Z", "description": "download location", "pattern": "[url:value = 'http://honeystays.co.za/siu2k']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-271c-4cd7-a4c0-448e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:17.000Z", "modified": "2016-06-24T08:25:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'honeystays.co.za']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-f2d8-4369-9fbf-417e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:17.000Z", "modified": "2016-06-24T08:25:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.40.0.214']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-47dc-47c4-8094-487f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:17.000Z", "modified": "2016-06-24T08:25:17.000Z", "description": "download location", "pattern": "[url:value = 'http://elviraminkina.com/ojyq1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-f8a0-4e17-aeec-4a52950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:17.000Z", "modified": "2016-06-24T08:25:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'elviraminkina.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6d-52d8-4786-b7c9-49f6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:17.000Z", "modified": "2016-06-24T08:25:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '146.120.112.197']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-d88c-4ae6-972c-43e7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[url:value = 'http://dentalshop4you.nl/m22brjfz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-ae4c-4a57-bc13-490c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'dentalshop4you.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-e794-423f-a372-4c61950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.226.62.145']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-a20c-4756-aadf-4276950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[url:value = 'http://angeelle.nichost.ru/y6s1y9h']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-f15c-4e18-bc37-402e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'angeelle.nichost.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6e-d068-41b7-b221-4e25950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:18.000Z", "modified": "2016-06-24T08:25:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.0.136']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6f-a788-43f6-a102-422d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:19.000Z", "modified": "2016-06-24T08:25:19.000Z", "description": "download location", "pattern": "[url:value = 'http://3141592.ru/wyesvj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6f-dc30-406b-a585-4417950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:19.000Z", "modified": "2016-06-24T08:25:19.000Z", "description": "download location", "pattern": "[domain-name:value = '3141592.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6f-7c54-4215-80d5-47cd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:19.000Z", "modified": "2016-06-24T08:25:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.53.126.193']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6f-2884-4a6e-a734-4684950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:19.000Z", "modified": "2016-06-24T08:25:19.000Z", "description": "download location", "pattern": "[url:value = 'http://climatizareonline.ro/azkqs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee6f-0f54-47ff-892c-45d9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:19.000Z", "modified": "2016-06-24T08:25:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'climatizareonline.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee70-5454-40ca-b536-4cd0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:20.000Z", "modified": "2016-06-24T08:25:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.36.135.166']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee70-8138-4d51-ae35-4d92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:20.000Z", "modified": "2016-06-24T08:25:20.000Z", "description": "download location", "pattern": "[url:value = 'http://pipt.wallst.ru/qojqp2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee70-73a4-451a-8605-4099950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:20.000Z", "modified": "2016-06-24T08:25:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'pipt.wallst.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee70-1acc-4994-801c-4936950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:20.000Z", "modified": "2016-06-24T08:25:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.46.196.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee70-86f4-4a98-8f07-4c07950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:20.000Z", "modified": "2016-06-24T08:25:20.000Z", "description": "download location", "pattern": "[url:value = 'http://imetinyang.za.pl/74hd4by5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee71-cbe0-436a-a139-45eb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:21.000Z", "modified": "2016-06-24T08:25:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'imetinyang.za.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee71-c9cc-4c90-829f-4469950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:21.000Z", "modified": "2016-06-24T08:25:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.203.99.111']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee71-bee0-4ddf-881c-4cec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:21.000Z", "modified": "2016-06-24T08:25:21.000Z", "description": "download location", "pattern": "[url:value = 'http://barum.de/c2blg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee71-18c0-45eb-a043-4a86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:21.000Z", "modified": "2016-06-24T08:25:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'barum.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee71-a374-4e1f-9409-49dc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:21.000Z", "modified": "2016-06-24T08:25:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.78.166.19']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee72-673c-488a-a3d1-465a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:22.000Z", "modified": "2016-06-24T08:25:22.000Z", "description": "download location", "pattern": "[url:value = 'http://cameramartusa.info/xrfpm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee72-d058-41eb-a0a2-4755950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:22.000Z", "modified": "2016-06-24T08:25:22.000Z", "description": "download location", "pattern": "[domain-name:value = 'cameramartusa.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee72-3700-41f6-a1bf-483e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:22.000Z", "modified": "2016-06-24T08:25:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.24.238']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee72-6bd4-4cab-8211-44a7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:22.000Z", "modified": "2016-06-24T08:25:22.000Z", "description": "download location", "pattern": "[url:value = 'http://jd-products.nl/xjld131']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee72-aa30-461c-b58d-4454950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:22.000Z", "modified": "2016-06-24T08:25:22.000Z", "description": "download location", "pattern": "[domain-name:value = 'jd-products.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee73-3df0-4fb7-a397-4eb2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:23.000Z", "modified": "2016-06-24T08:25:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.96.159.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee73-6504-4441-bc71-4e92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:23.000Z", "modified": "2016-06-24T08:25:23.000Z", "description": "download location", "pattern": "[url:value = 'http://beautifulhosting.com.au/rxn80']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee73-35bc-4d08-b6f7-4b40950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:23.000Z", "modified": "2016-06-24T08:25:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'beautifulhosting.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--576cee73-38ac-4474-8526-4e7c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:23.000Z", "modified": "2016-06-24T08:25:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.178.249']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-24T08:25:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--576cee8b-b888-45a1-af24-4e2b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-24T08:25:47.000Z", "modified": "2016-06-24T08:25:47.000Z", "labels": [ "misp:type=\"user-agent\"", "misp:category=\"Network activity\"" ], "x_misp_category": "Network activity", "x_misp_type": "user-agent", "x_misp_value": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)" } ] }