{ "type": "bundle", "id": "bundle--5773639a-f104-49a0-b26c-4228950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:02:09.000Z", "modified": "2016-06-29T06:02:09.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5773639a-f104-49a0-b26c-4228950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:02:09.000Z", "modified": "2016-06-29T06:02:09.000Z", "name": "Malspam 2016-06-29 (campaign subject: 'new invoice')", "published": "2016-06-29T07:41:04Z", "object_refs": [ "indicator--5773642b-68b8-4e24-9fe1-4a57950d210f", "indicator--5773642c-e87c-49cb-8498-465f950d210f", "indicator--5773642c-36a8-431e-abdc-40b7950d210f", "indicator--5773642d-8538-49b3-a605-4bf5950d210f", "indicator--5773642d-c344-46b8-aa85-45b5950d210f", "indicator--5773642d-c854-421c-8575-453a950d210f", "indicator--5773642e-c2a8-426f-9f81-4926950d210f", "indicator--5773642e-9e20-43be-95df-4c08950d210f", "indicator--5773642f-35b0-4fa4-b2fc-407d950d210f", "indicator--5773642f-d344-486d-958d-49cf950d210f", "indicator--5773642f-4f54-41d8-b6b3-4267950d210f", "indicator--57736430-88a4-4262-b58a-429f950d210f", "indicator--57736430-a4e8-4708-81ce-4834950d210f", "indicator--57736431-cb90-4541-b40b-4b88950d210f", "indicator--57736431-05bc-4219-9c94-42ee950d210f", "indicator--57736431-6afc-4abe-af1c-4d94950d210f", "indicator--57736432-c310-4af6-a258-4ef7950d210f", "indicator--57736432-eb40-4dc2-8cf6-48d3950d210f", "indicator--57736433-a13c-4101-bcf2-4110950d210f", "indicator--57736433-0308-4a7a-89c7-4109950d210f", "indicator--57736434-ce98-48a7-9b3b-4104950d210f", "indicator--57736434-e3e0-448d-a690-44c9950d210f", "indicator--57736434-3928-4960-850f-4dd4950d210f", "indicator--57736435-e300-4e61-90a9-4fc0950d210f", "indicator--57736435-8470-423d-821a-49f6950d210f", "indicator--57736436-63b4-4393-8b74-4ecb950d210f", "indicator--57736436-2d3c-4d80-b49b-4663950d210f", "indicator--57736436-7664-48c1-b0f8-4fe8950d210f", "indicator--57736437-f524-4c45-b820-45bd950d210f", "indicator--57736437-6ee0-4977-a319-422a950d210f", "indicator--57736438-a7f4-444a-a24e-47c4950d210f", "indicator--57736438-be48-463a-8d23-4924950d210f", "indicator--57736438-aee0-42bb-9c94-4444950d210f", "indicator--57736438-2a3c-4fcc-adf9-4fc2950d210f", "indicator--57736439-6cf0-418c-b739-4405950d210f", "indicator--57736439-5ab8-4a94-be8b-4dfd950d210f", "indicator--57736439-3fe8-432c-88e3-4b6c950d210f", "indicator--57736439-e100-4906-a870-4ca3950d210f", "indicator--57736439-87c0-42ba-81ae-4223950d210f", "indicator--57736439-3370-42e1-a628-44a6950d210f", "indicator--5773643a-1ed8-4b9d-a223-477f950d210f", "indicator--5773643a-7118-45d0-ade9-4fa8950d210f", "indicator--5773643a-34c4-4ec3-8f48-4b8f950d210f", "indicator--5773643a-84d0-4ac0-8b8a-41cc950d210f", "indicator--5773643a-3304-4b55-a11e-4fdb950d210f", "indicator--5773643a-c40c-47af-a0fd-406e950d210f", "indicator--5773643b-e75c-4af5-8096-4733950d210f", "indicator--5773643b-c108-4857-85f3-451b950d210f", "indicator--5773643b-5d44-4c46-ab30-4df8950d210f", "indicator--5773643b-6e00-46d9-a71e-4998950d210f", "indicator--5773643b-0bc0-4aba-8bbf-44a0950d210f", "indicator--5773643b-f0e0-4d40-930a-4488950d210f", "indicator--5773643c-d954-4702-be64-42b9950d210f", "indicator--5773643c-14e4-4878-9ec3-4afe950d210f", "indicator--5773643c-2e08-4e53-ad30-41fa950d210f", "indicator--5773643c-3dbc-4a43-9774-4cc5950d210f", "indicator--5773643c-6724-4096-ac0d-4541950d210f", "indicator--5773643d-ecac-401a-a3c5-455f950d210f", "indicator--5773643d-2804-4fee-b739-4095950d210f", "indicator--5773643d-a614-43b0-a6be-44bb950d210f", "indicator--5773643d-5840-4024-bbcc-45de950d210f", "indicator--5773643d-dec4-42e8-9b12-45e9950d210f", "indicator--5773643d-03fc-44c5-a13c-4168950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642b-68b8-4e24-9fe1-4a57950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:15.000Z", "modified": "2016-06-29T06:01:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.25.1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642c-e87c-49cb-8498-465f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:16.000Z", "modified": "2016-06-29T06:01:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.160.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642c-36a8-431e-abdc-40b7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:16.000Z", "modified": "2016-06-29T06:01:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642d-8538-49b3-a605-4bf5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:17.000Z", "modified": "2016-06-29T06:01:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.73.196']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642d-c344-46b8-aa85-45b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:17.000Z", "modified": "2016-06-29T06:01:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.63.125.135']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642d-c854-421c-8575-453a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:17.000Z", "modified": "2016-06-29T06:01:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.254.62.52']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642e-c2a8-426f-9f81-4926950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:18.000Z", "modified": "2016-06-29T06:01:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.165.49.173']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642e-9e20-43be-95df-4c08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:18.000Z", "modified": "2016-06-29T06:01:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.40.77.144']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642f-35b0-4fa4-b2fc-407d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:19.000Z", "modified": "2016-06-29T06:01:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.225.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642f-d344-486d-958d-49cf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:19.000Z", "modified": "2016-06-29T06:01:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.36.128']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773642f-4f54-41d8-b6b3-4267950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:19.000Z", "modified": "2016-06-29T06:01:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.251.225']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736430-88a4-4262-b58a-429f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:20.000Z", "modified": "2016-06-29T06:01:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.203.99.113']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736430-a4e8-4708-81ce-4834950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:20.000Z", "modified": "2016-06-29T06:01:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.3.96.72']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736431-cb90-4541-b40b-4b88950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:21.000Z", "modified": "2016-06-29T06:01:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.1.71.135']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736431-05bc-4219-9c94-42ee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:21.000Z", "modified": "2016-06-29T06:01:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.204.248.105']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736431-6afc-4abe-af1c-4d94950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:21.000Z", "modified": "2016-06-29T06:01:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.219']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736432-c310-4af6-a258-4ef7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:22.000Z", "modified": "2016-06-29T06:01:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.49']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736432-eb40-4dc2-8cf6-48d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:22.000Z", "modified": "2016-06-29T06:01:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736433-a13c-4101-bcf2-4110950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:23.000Z", "modified": "2016-06-29T06:01:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.76.156.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736433-0308-4a7a-89c7-4109950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:23.000Z", "modified": "2016-06-29T06:01:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '223.130.27.201']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736434-ce98-48a7-9b3b-4104950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:24.000Z", "modified": "2016-06-29T06:01:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.131.128']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736434-e3e0-448d-a690-44c9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:24.000Z", "modified": "2016-06-29T06:01:24.000Z", "description": "download location", "pattern": "[domain-name:value = '51939812.de.strato-hosting.eu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736434-3928-4960-850f-4dd4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:24.000Z", "modified": "2016-06-29T06:01:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.14.3.195']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736435-e300-4e61-90a9-4fc0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:25.000Z", "modified": "2016-06-29T06:01:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.37.237.59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736435-8470-423d-821a-49f6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:25.000Z", "modified": "2016-06-29T06:01:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.50.161.218']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736436-63b4-4393-8b74-4ecb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:26.000Z", "modified": "2016-06-29T06:01:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.147.244.210']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736436-2d3c-4d80-b49b-4663950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:26.000Z", "modified": "2016-06-29T06:01:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.27.174.10']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736436-7664-48c1-b0f8-4fe8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:26.000Z", "modified": "2016-06-29T06:01:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.24.186.235']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736437-f524-4c45-b820-45bd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:27.000Z", "modified": "2016-06-29T06:01:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.174.64.15']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736437-6ee0-4977-a319-422a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:27.000Z", "modified": "2016-06-29T06:01:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.174.64.211']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736438-a7f4-444a-a24e-47c4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:28.000Z", "modified": "2016-06-29T06:01:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.143']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736438-be48-463a-8d23-4924950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:28.000Z", "modified": "2016-06-29T06:01:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.74.144.35']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736438-aee0-42bb-9c94-4444950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:28.000Z", "modified": "2016-06-29T06:01:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736438-2a3c-4fcc-adf9-4fc2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:28.000Z", "modified": "2016-06-29T06:01:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.77']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-6cf0-418c-b739-4405950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.196.20.133']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-5ab8-4a94-be8b-4dfd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.24.1.16']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-3fe8-432c-88e3-4b6c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.235.64.44']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-e100-4906-a870-4ca3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.4.180']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-87c0-42ba-81ae-4223950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.193.69.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57736439-3370-42e1-a628-44a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:29.000Z", "modified": "2016-06-29T06:01:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.42.39.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-1ed8-4b9d-a223-477f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.223.216.66']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-7118-45d0-ade9-4fa8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '97.79.237.82']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-34c4-4ec3-8f48-4b8f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'restteamusa.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-84d0-4ac0-8b8a-41cc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'verifythevote.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-3304-4b55-a11e-4fdb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'abligl.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643a-c40c-47af-a0fd-406e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:30.000Z", "modified": "2016-06-29T06:01:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'alaptare.home.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-e75c-4af5-8096-4733950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'bolloevcenter.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-c108-4857-85f3-451b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'btc4kids.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-5d44-4c46-ab30-4df8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'btcgroup.lgg.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-6e00-46d9-a71e-4998950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'btkdev.lgg.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-0bc0-4aba-8bbf-44a0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'century21keim.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643b-f0e0-4d40-930a-4488950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:31.000Z", "modified": "2016-06-29T06:01:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'certifiedbanker.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643c-d954-4702-be64-42b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:32.000Z", "modified": "2016-06-29T06:01:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'clients.seospell.co.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643c-14e4-4878-9ec3-4afe950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:32.000Z", "modified": "2016-06-29T06:01:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'denzil.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643c-2e08-4e53-ad30-41fa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:32.000Z", "modified": "2016-06-29T06:01:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'empiredeckandfence.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643c-3dbc-4a43-9774-4cc5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:32.000Z", "modified": "2016-06-29T06:01:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'giftskeys.ts9.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643c-6724-4096-ac0d-4541950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:32.000Z", "modified": "2016-06-29T06:01:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'girlsfashion.home.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-ecac-401a-a3c5-455f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'grantica.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-2804-4fee-b739-4095950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[url:value = 'http://188.165.49.173/~user/300lqhp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-a614-43b0-a6be-44bb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[url:value = 'http://51939812.de.strato-hosting.eu/ww0pj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-5840-4024-bbcc-45de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[url:value = 'http://66.147.244.210/~rainbilc/51at7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-dec4-42e8-9b12-45e9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[url:value = 'http://83.235.64.44/~typecent/jp0crlu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5773643d-03fc-44c5-a13c-4168950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-29T06:01:33.000Z", "modified": "2016-06-29T06:01:33.000Z", "description": "download location", "pattern": "[url:value = 'http://RESTTEAMUSA.COM/db8m9d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-29T06:01:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }