{ "type": "bundle", "id": "bundle--57c7d398-3440-41b9-8339-4e1e950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:09:59.000Z", "modified": "2016-09-01T07:09:59.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57c7d398-3440-41b9-8339-4e1e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:09:59.000Z", "modified": "2016-09-01T07:09:59.000Z", "name": "Malspam 2016-09-01 (.js in .zip) - campaign: \"flight tickets\"", "published": "2016-09-01T07:10:33Z", "object_refs": [ "indicator--57c7d3e6-5b94-48ca-912b-4cd1950d210f", "indicator--57c7d3e7-d8e4-4ab4-a939-4d43950d210f", "indicator--57c7d3e7-6bb8-40da-ac3a-44ce950d210f", "indicator--57c7d3e7-f8ec-4671-a3b7-4d9e950d210f", "indicator--57c7d3e7-2e30-4600-93a1-4716950d210f", "indicator--57c7d3e7-2608-4fe3-ab42-41c2950d210f", "indicator--57c7d3e8-9840-4703-888a-42b2950d210f", "indicator--57c7d3e8-d12c-4ea7-8503-4dcc950d210f", "indicator--57c7d3e8-d830-47e4-9b62-43b7950d210f", "indicator--57c7d3e8-96c4-4f7d-a5fd-441a950d210f", "indicator--57c7d3e9-cbac-4691-bc15-4723950d210f", "indicator--57c7d3e9-340c-48e9-8b68-4246950d210f", "indicator--57c7d3e9-3488-4c61-bca2-4967950d210f", "indicator--57c7d3e9-5e1c-4911-8153-4160950d210f", "indicator--57c7d3e9-c654-4543-8ff6-4e0a950d210f", "indicator--57c7d3ea-e174-452d-bd53-47a9950d210f", "indicator--57c7d3ea-1c88-4a99-919d-4799950d210f", "indicator--57c7d3ea-6f58-449e-9668-40a6950d210f", "indicator--57c7d3ea-1830-493c-bedc-4b0e950d210f", "indicator--57c7d3ea-1974-4696-b64f-4ca1950d210f", "indicator--57c7d3eb-af04-473d-a179-4fc1950d210f", "indicator--57c7d3eb-d118-4d30-93d1-406d950d210f", "indicator--57c7d3eb-37c0-4a97-b650-4ff8950d210f", "indicator--57c7d3eb-50dc-4c1c-8ed7-4855950d210f", "indicator--57c7d3ec-1468-4f88-8007-4df8950d210f", "indicator--57c7d3ec-80f8-43ab-8703-4343950d210f", "indicator--57c7d3ec-ad84-48bd-924f-491c950d210f", "indicator--57c7d3ec-7c40-40ca-9629-4eb6950d210f", "indicator--57c7d3ec-1e50-4275-8e17-44fc950d210f", "indicator--57c7d3ed-a064-477d-ab61-4883950d210f", "indicator--57c7d3ed-3e54-4f02-b301-4f5b950d210f", "indicator--57c7d3ed-9198-4a7e-98f6-4a23950d210f", "indicator--57c7d3ed-95e4-411a-900b-4dd7950d210f", "indicator--57c7d3ee-8ff8-40c9-862c-4b8d950d210f", "indicator--57c7d3ee-69e4-4e52-98d0-40b3950d210f", "indicator--57c7d3ee-7534-4fd7-a0de-443d950d210f", "indicator--57c7d3ee-36a8-4b14-9765-4707950d210f", "indicator--57c7d3ee-efc4-47f4-807d-4678950d210f", "indicator--57c7d3ef-3398-4323-8d5c-43c0950d210f", "indicator--57c7d3ef-af18-46d9-9bc3-466d950d210f", "indicator--57c7d3ef-81fc-4f13-a862-4c18950d210f", "indicator--57c7d3ef-b3f8-405a-a5ad-465c950d210f", "indicator--57c7d3f0-bf70-4f7e-9f70-42be950d210f", "indicator--57c7d3f0-8ec8-4684-b098-4135950d210f", "indicator--57c7d3f0-ef98-4d80-b748-4323950d210f", "indicator--57c7d3f0-c2d0-4481-a798-486b950d210f", "indicator--57c7d3f0-6488-469a-b176-4845950d210f", "indicator--57c7d3f1-de40-4367-9737-4099950d210f", "indicator--57c7d3f1-b730-4df1-b9ad-453f950d210f", "indicator--57c7d3f1-b0b8-4027-9f87-4585950d210f", "indicator--57c7d3f1-6914-46cb-bbcf-421e950d210f", "indicator--57c7d3f1-2e04-4db0-8c8a-4f5f950d210f", "indicator--57c7d3f2-0194-4fd4-85a2-4721950d210f", "indicator--57c7d3f2-e1d0-4b8f-aad5-43dd950d210f", "indicator--57c7d3f2-df48-4aae-8144-40d7950d210f", "indicator--57c7d3f2-a104-463c-8909-45c6950d210f", "indicator--57c7d3f2-9d50-49e1-a472-4772950d210f", "indicator--57c7d3f3-55ec-4701-a550-4dbb950d210f", "indicator--57c7d3f3-f820-4199-bf3d-461f950d210f", "indicator--57c7d3f3-5be0-4bbc-82c0-41ef950d210f", "indicator--57c7d3f3-0740-4cd8-aeed-430b950d210f", "indicator--57c7d3f4-8068-4213-ab95-41f8950d210f", "indicator--57c7d3f4-5e94-4268-81f8-4f4c950d210f", "indicator--57c7d3f4-b1e0-49b4-a1a5-4866950d210f", "indicator--57c7d3f4-dc70-4051-87cd-45de950d210f", "indicator--57c7d3f4-95f0-4a14-9f53-4cfd950d210f", "indicator--57c7d3f5-6fb4-41c9-93c8-49f3950d210f", "indicator--57c7d3f5-601c-4301-a503-4d92950d210f", "indicator--57c7d3f5-4444-4a6c-9dbd-4542950d210f", "indicator--57c7d3f5-3054-411b-baf9-4138950d210f", "indicator--57c7d3f5-c82c-42a0-b8eb-4d74950d210f", "indicator--57c7d3f6-10b4-4972-867a-4031950d210f", "indicator--57c7d3f6-bed0-4f71-9b1d-401f950d210f", "indicator--57c7d3f6-3058-448c-878b-491f950d210f", "indicator--57c7d3f6-bfd4-49a5-87b1-4869950d210f", "indicator--57c7d3f7-ab80-4bf5-a24e-481b950d210f", "indicator--57c7d3f7-bd44-48a5-aa06-4c87950d210f", "indicator--57c7d3f7-e89c-4420-8047-491e950d210f", "indicator--57c7d3f7-3ec4-4f76-9003-4295950d210f", "indicator--57c7d3f7-48f4-4d01-9cf2-4f77950d210f", "indicator--57c7d3f8-2dd4-44b8-bb82-4290950d210f", "indicator--57c7d3f8-a4a4-4876-b8ef-466f950d210f", "indicator--57c7d3f8-48d4-46b2-9a8a-4144950d210f", "indicator--57c7d3f8-8144-407e-9ef4-4cd8950d210f", "indicator--57c7d3f9-9284-487b-b729-4cc4950d210f", "indicator--57c7d3f9-0b40-4e59-98f9-4258950d210f", "indicator--57c7d3f9-3e3c-488f-887b-45c0950d210f", "indicator--57c7d3f9-d8a0-4b12-9c7d-4d28950d210f", "indicator--57c7d3f9-e3bc-472d-932e-465f950d210f", "indicator--57c7d3fa-57f4-4016-ae83-44ff950d210f", "indicator--57c7d3fa-ff0c-4840-91c5-4b4e950d210f", "indicator--57c7d3fa-288c-4b1f-b78b-4d2b950d210f", "indicator--57c7d3fa-720c-4f5f-ba06-4381950d210f", "indicator--57c7d3fb-8de8-406e-bc7c-44b4950d210f", "indicator--57c7d3fb-78f8-4a4c-8d60-4d5e950d210f", "indicator--57c7d3fb-d4e8-454b-bce4-43ff950d210f", "indicator--57c7d3fb-6650-4701-abbe-4bbd950d210f", "indicator--57c7d3fb-3cf8-4daa-9324-449a950d210f", "indicator--57c7d3fc-fd0c-4442-b557-4391950d210f", "indicator--57c7d3fc-c884-4a7e-881e-4d31950d210f", "indicator--57c7d3fc-99e4-4f13-90d4-4eb1950d210f", "indicator--57c7d3fc-7440-4916-b99b-42a4950d210f", "indicator--57c7d3fd-5d0c-463d-a195-46f8950d210f", "indicator--57c7d3fd-ee80-4f31-87be-49e6950d210f", "indicator--57c7d3fd-f530-4118-ac5e-4180950d210f", "indicator--57c7d3fd-1f54-4da5-ac1e-4f9a950d210f", "indicator--57c7d3fd-e8f4-45f2-979a-4ce6950d210f", "indicator--57c7d3fe-27e8-4504-a3c8-466c950d210f", "indicator--57c7d3fe-edb0-4678-b76b-41a3950d210f", "indicator--57c7d3fe-40ec-4d4e-b036-4571950d210f", "indicator--57c7d3fe-bfdc-4e0b-b002-4fab950d210f", "indicator--57c7d3fe-a580-4dc7-83be-4895950d210f", "indicator--57c7d3ff-8270-462c-9b45-4f7b950d210f", "indicator--57c7d3ff-29c4-48ac-9a5b-47e9950d210f", "indicator--57c7d3ff-e12c-4ecd-b0c4-4369950d210f", "indicator--57c7d3ff-650c-4504-91a3-472e950d210f", "indicator--57c7d400-de74-445a-ba4b-4d45950d210f", "indicator--57c7d400-6970-4103-802c-4dcf950d210f", "indicator--57c7d400-ba70-4046-858c-4c86950d210f", "indicator--57c7d400-fb98-423d-97cc-49b3950d210f", "indicator--57c7d400-de00-4753-b6a7-44b5950d210f", "indicator--57c7d401-5b20-435c-a874-435a950d210f", "indicator--57c7d401-5900-4f96-ad95-4655950d210f", "indicator--57c7d401-6ed4-43b9-97cc-4d4f950d210f", "indicator--57c7d401-c174-44e8-b828-4697950d210f", "indicator--57c7d401-93ac-49df-8c69-404f950d210f", "indicator--57c7d402-12a4-4aad-b560-4ec4950d210f", "indicator--57c7d402-67c0-44df-a947-41f3950d210f", "indicator--57c7d402-f4a8-4aaa-8ea9-41ad950d210f", "indicator--57c7d402-6008-49d8-942f-4cf5950d210f", "indicator--57c7d403-8870-46f0-a07c-4bb6950d210f", "indicator--57c7d403-cfc4-4155-8611-419f950d210f", "indicator--57c7d403-5338-4aaf-83a6-4a0a950d210f", "indicator--57c7d403-8a0c-4a98-b242-4aa4950d210f", "indicator--57c7d403-fdd4-4a88-abf0-4df0950d210f", "indicator--57c7d404-c1f0-4eff-9447-469f950d210f", "indicator--57c7d404-0f60-4ce5-a151-4f69950d210f", "indicator--57c7d404-1c94-43c6-bedd-4adc950d210f", "indicator--57c7d404-6390-437b-89a1-4436950d210f", "indicator--57c7d405-69e8-4110-8cde-459a950d210f", "indicator--57c7d405-e4e8-46a1-bd16-42ae950d210f", "indicator--57c7d405-f768-49b3-a075-4a7a950d210f", "indicator--57c7d405-0d70-4f2e-a5ca-4907950d210f", "indicator--57c7d405-279c-4369-8b94-4f86950d210f", "indicator--57c7d406-9468-49ff-a552-4eb6950d210f", "indicator--57c7d406-6734-4640-8b73-4bb5950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e6-5b94-48ca-912b-4cd1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:22.000Z", "modified": "2016-09-01T07:08:22.000Z", "description": "download location", "pattern": "[url:value = 'http://mambarambaro.ws/0kuhj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e7-d8e4-4ab4-a939-4d43950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:23.000Z", "modified": "2016-09-01T07:08:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'mambarambaro.ws']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e7-6bb8-40da-ac3a-44ce950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:23.000Z", "modified": "2016-09-01T07:08:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.147.88']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e7-f8ec-4671-a3b7-4d9e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:23.000Z", "modified": "2016-09-01T07:08:23.000Z", "description": "download location", "pattern": "[url:value = 'http://timetobuymlw.in/1x3xiq5i']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e7-2e30-4600-93a1-4716950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:23.000Z", "modified": "2016-09-01T07:08:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'timetobuymlw.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e7-2608-4fe3-ab42-41c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:23.000Z", "modified": "2016-09-01T07:08:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.99.111.28']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e8-9840-4703-888a-42b2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:24.000Z", "modified": "2016-09-01T07:08:24.000Z", "description": "download location", "pattern": "[url:value = 'http://virmalw.name/31fwt4cs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e8-d12c-4ea7-8503-4dcc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:24.000Z", "modified": "2016-09-01T07:08:24.000Z", "description": "download location", "pattern": "[domain-name:value = 'virmalw.name']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e8-d830-47e4-9b62-43b7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:24.000Z", "modified": "2016-09-01T07:08:24.000Z", "description": "download location", "pattern": "[url:value = 'http://www.luigigiordano.org/njkg8j']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e8-96c4-4f7d-a5fd-441a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:24.000Z", "modified": "2016-09-01T07:08:24.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.luigigiordano.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e9-cbac-4691-bc15-4723950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:25.000Z", "modified": "2016-09-01T07:08:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e9-340c-48e9-8b68-4246950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:25.000Z", "modified": "2016-09-01T07:08:25.000Z", "description": "download location", "pattern": "[url:value = 'http://w07q93g5g.homepage.t-online.de/b20pqog6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e9-3488-4c61-bca2-4967950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:25.000Z", "modified": "2016-09-01T07:08:25.000Z", "description": "download location", "pattern": "[domain-name:value = 'w07q93g5g.homepage.t-online.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e9-5e1c-4911-8153-4160950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:25.000Z", "modified": "2016-09-01T07:08:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.138']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3e9-c654-4543-8ff6-4e0a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:25.000Z", "modified": "2016-09-01T07:08:25.000Z", "description": "download location", "pattern": "[url:value = 'http://bookinghotworld.ws/03o9ztt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ea-e174-452d-bd53-47a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:26.000Z", "modified": "2016-09-01T07:08:26.000Z", "description": "download location", "pattern": "[domain-name:value = 'bookinghotworld.ws']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ea-1c88-4a99-919d-4799950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:26.000Z", "modified": "2016-09-01T07:08:26.000Z", "description": "download location", "pattern": "[url:value = 'http://a-tconsulting.co.uk/jjn76fc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ea-6f58-449e-9668-40a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:26.000Z", "modified": "2016-09-01T07:08:26.000Z", "description": "download location", "pattern": "[domain-name:value = 'a-tconsulting.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ea-1830-493c-bedc-4b0e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:26.000Z", "modified": "2016-09-01T07:08:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.159.9.91']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ea-1974-4696-b64f-4ca1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:26.000Z", "modified": "2016-09-01T07:08:26.000Z", "description": "download location", "pattern": "[url:value = 'http://malwinstall.wang/0b9zg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3eb-af04-473d-a179-4fc1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:27.000Z", "modified": "2016-09-01T07:08:27.000Z", "description": "download location", "pattern": "[file:name = 'malwinstall.wang']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3eb-d118-4d30-93d1-406d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:27.000Z", "modified": "2016-09-01T07:08:27.000Z", "description": "download location", "pattern": "[url:value = 'http://aromas-naturales.50webs.com/87bou8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3eb-37c0-4a97-b650-4ff8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:27.000Z", "modified": "2016-09-01T07:08:27.000Z", "description": "download location", "pattern": "[domain-name:value = 'aromas-naturales.50webs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3eb-50dc-4c1c-8ed7-4855950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:27.000Z", "modified": "2016-09-01T07:08:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.117']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ec-1468-4f88-8007-4df8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:28.000Z", "modified": "2016-09-01T07:08:28.000Z", "description": "download location", "pattern": "[url:value = 'http://powermax.ru/fqte8le']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ec-80f8-43ab-8703-4343950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:28.000Z", "modified": "2016-09-01T07:08:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'powermax.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ec-ad84-48bd-924f-491c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:28.000Z", "modified": "2016-09-01T07:08:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.189.197.56']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ec-7c40-40ca-9629-4eb6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:28.000Z", "modified": "2016-09-01T07:08:28.000Z", "description": "download location", "pattern": "[url:value = 'http://www.download.extraslot.ru/hvuns']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ec-1e50-4275-8e17-44fc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:28.000Z", "modified": "2016-09-01T07:08:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.download.extraslot.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ed-a064-477d-ab61-4883950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:29.000Z", "modified": "2016-09-01T07:08:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.173.139.197']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ed-3e54-4f02-b301-4f5b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:29.000Z", "modified": "2016-09-01T07:08:29.000Z", "description": "download location", "pattern": "[url:value = 'http://stiopka.atspace.com/7k5i3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ed-9198-4a7e-98f6-4a23950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:29.000Z", "modified": "2016-09-01T07:08:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'stiopka.atspace.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ed-95e4-411a-900b-4dd7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:29.000Z", "modified": "2016-09-01T07:08:29.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.197.131.109']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ee-8ff8-40c9-862c-4b8d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:30.000Z", "modified": "2016-09-01T07:08:30.000Z", "description": "download location", "pattern": "[url:value = 'http://sonaeyou1.web.fc2.com/vfzrxb9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ee-69e4-4e52-98d0-40b3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:30.000Z", "modified": "2016-09-01T07:08:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'sonaeyou1.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ee-7534-4fd7-a0de-443d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:30.000Z", "modified": "2016-09-01T07:08:30.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.48']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ee-36a8-4b14-9765-4707950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:30.000Z", "modified": "2016-09-01T07:08:30.000Z", "description": "download location", "pattern": "[url:value = 'http://yhinas.hanagumori.com/31fwt4cs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ee-efc4-47f4-807d-4678950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:30.000Z", "modified": "2016-09-01T07:08:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'yhinas.hanagumori.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ef-3398-4323-8d5c-43c0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:31.000Z", "modified": "2016-09-01T07:08:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ef-af18-46d9-9bc3-466d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:31.000Z", "modified": "2016-09-01T07:08:31.000Z", "description": "download location", "pattern": "[url:value = 'http://www.assonet.org/3dhsh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ef-81fc-4f13-a862-4c18950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:31.000Z", "modified": "2016-09-01T07:08:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.assonet.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ef-b3f8-405a-a5ad-465c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:31.000Z", "modified": "2016-09-01T07:08:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.78.215.76']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f0-bf70-4f7e-9f70-42be950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:32.000Z", "modified": "2016-09-01T07:08:32.000Z", "description": "download location", "pattern": "[url:value = 'http://simo62.web.fc2.com/yywcdpbu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f0-8ec8-4684-b098-4135950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:32.000Z", "modified": "2016-09-01T07:08:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'simo62.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f0-ef98-4d80-b748-4323950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:32.000Z", "modified": "2016-09-01T07:08:32.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f0-c2d0-4481-a798-486b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:32.000Z", "modified": "2016-09-01T07:08:32.000Z", "description": "download location", "pattern": "[url:value = 'http://rakutenjapan.web.fc2.com/hwhi3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f0-6488-469a-b176-4845950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:32.000Z", "modified": "2016-09-01T07:08:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'rakutenjapan.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f1-de40-4367-9737-4099950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:33.000Z", "modified": "2016-09-01T07:08:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.49']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f1-b730-4df1-b9ad-453f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:33.000Z", "modified": "2016-09-01T07:08:33.000Z", "description": "download location", "pattern": "[url:value = 'http://www.avisgibellina.it/k6h6i7we']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f1-b0b8-4027-9f87-4585950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:33.000Z", "modified": "2016-09-01T07:08:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.avisgibellina.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f1-6914-46cb-bbcf-421e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:33.000Z", "modified": "2016-09-01T07:08:33.000Z", "description": "download location", "pattern": "[url:value = 'http://footballsoccerdvd.web.fc2.com/54u78']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f1-2e04-4db0-8c8a-4f5f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:33.000Z", "modified": "2016-09-01T07:08:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'footballsoccerdvd.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f2-0194-4fd4-85a2-4721950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:34.000Z", "modified": "2016-09-01T07:08:34.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.41']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f2-e1d0-4b8f-aad5-43dd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:34.000Z", "modified": "2016-09-01T07:08:34.000Z", "description": "download location", "pattern": "[url:value = 'http://www.redanchemical.com/dtzg24s']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f2-df48-4aae-8144-40d7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:34.000Z", "modified": "2016-09-01T07:08:34.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.redanchemical.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f2-a104-463c-8909-45c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:34.000Z", "modified": "2016-09-01T07:08:34.000Z", "description": "download location", "pattern": "[url:value = 'http://www.itogazaidan.jp/hnnencdd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f2-9d50-49e1-a472-4772950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:34.000Z", "modified": "2016-09-01T07:08:34.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.itogazaidan.jp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f3-55ec-4701-a550-4dbb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:35.000Z", "modified": "2016-09-01T07:08:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.161.160.157']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f3-f820-4199-bf3d-461f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:35.000Z", "modified": "2016-09-01T07:08:35.000Z", "description": "download location", "pattern": "[url:value = 'http://roger.pierrieau.perso.sfr.fr/68d8ti']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f3-5be0-4bbc-82c0-41ef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:35.000Z", "modified": "2016-09-01T07:08:35.000Z", "description": "download location", "pattern": "[domain-name:value = 'roger.pierrieau.perso.sfr.fr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f3-0740-4cd8-aeed-430b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:35.000Z", "modified": "2016-09-01T07:08:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.65.123.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f4-8068-4213-ab95-41f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:36.000Z", "modified": "2016-09-01T07:08:36.000Z", "description": "download location", "pattern": "[url:value = 'http://www.hotelancorariviera.com/tm0pnjrq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f4-5e94-4268-81f8-4f4c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:36.000Z", "modified": "2016-09-01T07:08:36.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.hotelancorariviera.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f4-b1e0-49b4-a1a5-4866950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:36.000Z", "modified": "2016-09-01T07:08:36.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.158.72.90']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f4-dc70-4051-87cd-45de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:36.000Z", "modified": "2016-09-01T07:08:36.000Z", "description": "download location", "pattern": "[url:value = 'http://72.47.222.40/~princeton/59h385']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f4-95f0-4a14-9f53-4cfd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:36.000Z", "modified": "2016-09-01T07:08:36.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.47.222.40']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f5-6fb4-41c9-93c8-49f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:37.000Z", "modified": "2016-09-01T07:08:37.000Z", "description": "download location", "pattern": "[url:value = 'http://members.chello.at/~ferencs/oqqqu2ih']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f5-601c-4301-a503-4d92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:37.000Z", "modified": "2016-09-01T07:08:37.000Z", "description": "download location", "pattern": "[domain-name:value = 'members.chello.at']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f5-4444-4a6c-9dbd-4542950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:37.000Z", "modified": "2016-09-01T07:08:37.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.109.240.79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f5-3054-411b-baf9-4138950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:37.000Z", "modified": "2016-09-01T07:08:37.000Z", "description": "download location", "pattern": "[url:value = 'http://nibis.de/~ffsstade/53s67f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f5-c82c-42a0-b8eb-4d74950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:37.000Z", "modified": "2016-09-01T07:08:37.000Z", "description": "download location", "pattern": "[domain-name:value = 'nibis.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f6-10b4-4972-867a-4031950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:38.000Z", "modified": "2016-09-01T07:08:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.23.76.90']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f6-bed0-4f71-9b1d-401f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:38.000Z", "modified": "2016-09-01T07:08:38.000Z", "description": "download location", "pattern": "[url:value = 'http://user22393.vs.easily.co.uk/rq758n']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f6-3058-448c-878b-491f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:38.000Z", "modified": "2016-09-01T07:08:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'user22393.vs.easily.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f6-bfd4-49a5-87b1-4869950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:38.000Z", "modified": "2016-09-01T07:08:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.194.151.38']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f7-ab80-4bf5-a24e-481b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:39.000Z", "modified": "2016-09-01T07:08:39.000Z", "description": "download location", "pattern": "[url:value = 'http://files.renderings.com/xyj4yct']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f7-bd44-48a5-aa06-4c87950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:39.000Z", "modified": "2016-09-01T07:08:39.000Z", "description": "download location", "pattern": "[domain-name:value = 'files.renderings.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f7-e89c-4420-8047-491e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:39.000Z", "modified": "2016-09-01T07:08:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '98.129.229.24']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f7-3ec4-4f76-9003-4295950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:39.000Z", "modified": "2016-09-01T07:08:39.000Z", "description": "download location", "pattern": "[url:value = 'http://www.francogatta.it/npoa0lzw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f7-48f4-4d01-9cf2-4f77950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:39.000Z", "modified": "2016-09-01T07:08:39.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.francogatta.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f8-2dd4-44b8-bb82-4290950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:40.000Z", "modified": "2016-09-01T07:08:40.000Z", "description": "download location", "pattern": "[url:value = 'http://www.engware.it/bqf58']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f8-a4a4-4876-b8ef-466f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:40.000Z", "modified": "2016-09-01T07:08:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.engware.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f8-48d4-46b2-9a8a-4144950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:40.000Z", "modified": "2016-09-01T07:08:40.000Z", "description": "download location", "pattern": "[url:value = 'http://www.themccrarys.us/p4xx86']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f8-8144-407e-9ef4-4cd8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:40.000Z", "modified": "2016-09-01T07:08:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.themccrarys.us']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f9-9284-487b-b729-4cc4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:41.000Z", "modified": "2016-09-01T07:08:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f9-0b40-4e59-98f9-4258950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:41.000Z", "modified": "2016-09-01T07:08:41.000Z", "description": "download location", "pattern": "[url:value = 'http://higashikurumesc.web.fc2.com/z3h30dd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f9-3e3c-488f-887b-45c0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:41.000Z", "modified": "2016-09-01T07:08:41.000Z", "description": "download location", "pattern": "[domain-name:value = 'higashikurumesc.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f9-d8a0-4b12-9c7d-4d28950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:41.000Z", "modified": "2016-09-01T07:08:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.37']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3f9-e3bc-472d-932e-465f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:41.000Z", "modified": "2016-09-01T07:08:41.000Z", "description": "download location", "pattern": "[url:value = 'http://kabunews.web.fc2.com/y5i8r']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fa-57f4-4016-ae83-44ff950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:42.000Z", "modified": "2016-09-01T07:08:42.000Z", "description": "download location", "pattern": "[domain-name:value = 'kabunews.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fa-ff0c-4840-91c5-4b4e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:42.000Z", "modified": "2016-09-01T07:08:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fa-288c-4b1f-b78b-4d2b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:42.000Z", "modified": "2016-09-01T07:08:42.000Z", "description": "download location", "pattern": "[url:value = 'http://reaktywacja.pawlov.cba.pl/87zji']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fa-720c-4f5f-ba06-4381950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:42.000Z", "modified": "2016-09-01T07:08:42.000Z", "description": "download location", "pattern": "[domain-name:value = 'reaktywacja.pawlov.cba.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fb-8de8-406e-bc7c-44b4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:43.000Z", "modified": "2016-09-01T07:08:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.144.65']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fb-78f8-4a4c-8d60-4d5e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:43.000Z", "modified": "2016-09-01T07:08:43.000Z", "description": "download location", "pattern": "[url:value = 'http://instalserie.pt/ofagf4n5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fb-d4e8-454b-bce4-43ff950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:43.000Z", "modified": "2016-09-01T07:08:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'instalserie.pt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fb-6650-4701-abbe-4bbd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:43.000Z", "modified": "2016-09-01T07:08:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.88.57.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fb-3cf8-4daa-9324-449a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:43.000Z", "modified": "2016-09-01T07:08:43.000Z", "description": "download location", "pattern": "[url:value = 'http://nkbzryw.republika.pl/j6nl9gm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fc-fd0c-4442-b557-4391950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:44.000Z", "modified": "2016-09-01T07:08:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'nkbzryw.republika.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fc-c884-4a7e-881e-4d31950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:44.000Z", "modified": "2016-09-01T07:08:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.180.150.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fc-99e4-4f13-90d4-4eb1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:44.000Z", "modified": "2016-09-01T07:08:44.000Z", "description": "download location", "pattern": "[url:value = 'http://www.francescafraioli.it/pzwnpmmy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fc-7440-4916-b99b-42a4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:44.000Z", "modified": "2016-09-01T07:08:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.francescafraioli.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fd-5d0c-463d-a195-46f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:45.000Z", "modified": "2016-09-01T07:08:45.000Z", "description": "download location", "pattern": "[url:value = 'http://www.apmmc.it/u2d1j']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fd-ee80-4f31-87be-49e6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:45.000Z", "modified": "2016-09-01T07:08:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.apmmc.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fd-f530-4118-ac5e-4180950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:45.000Z", "modified": "2016-09-01T07:08:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.73.225.20']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fd-1f54-4da5-ac1e-4f9a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:45.000Z", "modified": "2016-09-01T07:08:45.000Z", "description": "download location", "pattern": "[url:value = 'http://sanluisweb.50webs.com/oi598tv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fd-e8f4-45f2-979a-4ce6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:45.000Z", "modified": "2016-09-01T07:08:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'sanluisweb.50webs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fe-27e8-4504-a3c8-466c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:46.000Z", "modified": "2016-09-01T07:08:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.99']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fe-edb0-4678-b76b-41a3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:46.000Z", "modified": "2016-09-01T07:08:46.000Z", "description": "download location", "pattern": "[url:value = 'http://alc-okadakogyo.com/d3tcv1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fe-40ec-4d4e-b036-4571950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:46.000Z", "modified": "2016-09-01T07:08:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'alc-okadakogyo.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fe-bfdc-4e0b-b002-4fab950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:46.000Z", "modified": "2016-09-01T07:08:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.157.28.18']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3fe-a580-4dc7-83be-4895950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:46.000Z", "modified": "2016-09-01T07:08:46.000Z", "description": "download location", "pattern": "[url:value = 'http://www.kreso.it/x6oj6v']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ff-8270-462c-9b45-4f7b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:47.000Z", "modified": "2016-09-01T07:08:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.kreso.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ff-29c4-48ac-9a5b-47e9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:47.000Z", "modified": "2016-09-01T07:08:47.000Z", "description": "download location", "pattern": "[url:value = 'http://18vek.spb.ru/p3isx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ff-e12c-4ecd-b0c4-4369950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:47.000Z", "modified": "2016-09-01T07:08:47.000Z", "description": "download location", "pattern": "[domain-name:value = '18vek.spb.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d3ff-650c-4504-91a3-472e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:47.000Z", "modified": "2016-09-01T07:08:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.148.216.220']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d400-de74-445a-ba4b-4d45950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:48.000Z", "modified": "2016-09-01T07:08:48.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fmpromedia.com/fim8xbh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d400-6970-4103-802c-4dcf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:48.000Z", "modified": "2016-09-01T07:08:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.fmpromedia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d400-ba70-4046-858c-4c86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:48.000Z", "modified": "2016-09-01T07:08:48.000Z", "description": "download location", "pattern": "[url:value = 'http://brilli.dialogicnet.it/ceisystems.net/zxp2bczb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d400-fb98-423d-97cc-49b3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:48.000Z", "modified": "2016-09-01T07:08:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'brilli.dialogicnet.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d400-de00-4753-b6a7-44b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:48.000Z", "modified": "2016-09-01T07:08:48.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.20.80.5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d401-5b20-435c-a874-435a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:49.000Z", "modified": "2016-09-01T07:08:49.000Z", "description": "download location", "pattern": "[url:value = 'http://www.end-motorsport.de/rjhae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d401-5900-4f96-ad95-4655950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:49.000Z", "modified": "2016-09-01T07:08:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.end-motorsport.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d401-6ed4-43b9-97cc-4d4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:49.000Z", "modified": "2016-09-01T07:08:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.220.144.3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d401-c174-44e8-b828-4697950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:49.000Z", "modified": "2016-09-01T07:08:49.000Z", "description": "download location", "pattern": "[url:value = 'http://www.ieslamerced.es/zhjkqpkc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d401-93ac-49df-8c69-404f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:49.000Z", "modified": "2016-09-01T07:08:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.ieslamerced.es']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d402-12a4-4aad-b560-4ec4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:50.000Z", "modified": "2016-09-01T07:08:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.42.230.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d402-67c0-44df-a947-41f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:50.000Z", "modified": "2016-09-01T07:08:50.000Z", "description": "download location", "pattern": "[url:value = 'http://www.personalshoppingservice.it/pa51ijl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d402-f4a8-4aaa-8ea9-41ad950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:50.000Z", "modified": "2016-09-01T07:08:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.personalshoppingservice.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d402-6008-49d8-942f-4cf5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:50.000Z", "modified": "2016-09-01T07:08:50.000Z", "description": "download location", "pattern": "[url:value = 'http://convenilifecanbe.web.fc2.com/umnm0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d403-8870-46f0-a07c-4bb6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:51.000Z", "modified": "2016-09-01T07:08:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'convenilifecanbe.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d403-cfc4-4155-8611-419f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:51.000Z", "modified": "2016-09-01T07:08:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.39']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d403-5338-4aaf-83a6-4a0a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:51.000Z", "modified": "2016-09-01T07:08:51.000Z", "description": "download location", "pattern": "[url:value = 'http://76.74.242.140/~nonni416/19o5f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d403-8a0c-4a98-b242-4aa4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:51.000Z", "modified": "2016-09-01T07:08:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.74.242.140']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d403-fdd4-4a88-abf0-4df0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:51.000Z", "modified": "2016-09-01T07:08:51.000Z", "description": "download location", "pattern": "[url:value = 'http://finishcar.de/wyl4ps']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d404-c1f0-4eff-9447-469f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:52.000Z", "modified": "2016-09-01T07:08:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'finishcar.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d404-0f60-4ce5-a151-4f69950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:52.000Z", "modified": "2016-09-01T07:08:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.31.143.112']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d404-1c94-43c6-bedd-4adc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:52.000Z", "modified": "2016-09-01T07:08:52.000Z", "description": "download location", "pattern": "[url:value = 'http://csmwwst.de/eygrg56']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d404-6390-437b-89a1-4436950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:52.000Z", "modified": "2016-09-01T07:08:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'csmwwst.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d405-69e8-4110-8cde-459a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:53.000Z", "modified": "2016-09-01T07:08:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.238.192.102']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d405-e4e8-46a1-bd16-42ae950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:53.000Z", "modified": "2016-09-01T07:08:53.000Z", "description": "download location", "pattern": "[url:value = 'http://www.commentaborderunefille.fr/rwbnm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d405-f768-49b3-a075-4a7a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:53.000Z", "modified": "2016-09-01T07:08:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.commentaborderunefille.fr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d405-0d70-4f2e-a5ca-4907950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:53.000Z", "modified": "2016-09-01T07:08:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.186.33.4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d405-279c-4369-8b94-4f86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:53.000Z", "modified": "2016-09-01T07:08:53.000Z", "description": "download location", "pattern": "[url:value = 'http://alc-okadakogyo.com/c4bl21']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d406-9468-49ff-a552-4eb6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:54.000Z", "modified": "2016-09-01T07:08:54.000Z", "description": "download location", "pattern": "[url:value = 'http://82.145.39.61/~ianjeffrey/c5esiqs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c7d406-6734-4640-8b73-4bb5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-01T07:08:54.000Z", "modified": "2016-09-01T07:08:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.145.39.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-01T07:08:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }