{ "type": "bundle", "id": "bundle--57dab16c-f32c-4634-b9f1-1b70950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:55.000Z", "modified": "2016-09-15T14:35:55.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57dab16c-f32c-4634-b9f1-1b70950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:55.000Z", "modified": "2016-09-15T14:35:55.000Z", "name": "Malspam 2016-09-15 (.wsf in .zip) - campaign: \"SCAN\"", "published": "2016-09-15T14:37:00Z", "object_refs": [ "indicator--57dab1a3-31a4-4aff-ac62-1b6f950d210f", "indicator--57dab1a4-7344-4c1e-86a4-1b6f950d210f", "indicator--57dab1a5-99c8-474f-bf39-1b6f950d210f", "indicator--57dab1a5-e708-4533-9750-1b6f950d210f", "indicator--57dab1a6-32f4-4749-8062-1b6f950d210f", "indicator--57dab1a6-a1b0-479d-9d60-1b6f950d210f", "indicator--57dab1a7-2a34-4596-b18a-1b6f950d210f", "indicator--57dab1a7-268c-4264-8710-1b6f950d210f", "indicator--57dab1a8-fe98-4d7d-8079-1b6f950d210f", "indicator--57dab1a8-d418-43a4-8f57-1b6f950d210f", "indicator--57dab1a9-7510-4d57-a8c8-1b6f950d210f", "indicator--57dab1a9-f740-454d-94d2-1b6f950d210f", "indicator--57dab1aa-c774-4cd5-a26f-1b6f950d210f", "indicator--57dab1aa-cd9c-4c41-bcce-1b6f950d210f", "indicator--57dab1ab-d770-4289-86e1-1b6f950d210f", "indicator--57dab1ac-c618-4533-8e1b-1b6f950d210f", "indicator--57dab1ac-e7dc-4cf7-bacb-1b6f950d210f", "indicator--57dab1ad-6424-4178-b11a-1b6f950d210f", "indicator--57dab1ad-c724-4daa-a2b4-1b6f950d210f", "indicator--57dab1ae-56ec-4a41-95dc-1b6f950d210f", "indicator--57dab1ae-d754-43a5-b1cc-1b6f950d210f", "indicator--57dab1af-caa8-4f5f-9195-1b6f950d210f", "indicator--57dab1af-e370-4974-8ef2-1b6f950d210f", "indicator--57dab1b0-47a0-43ab-85dd-1b6f950d210f", "indicator--57dab1b0-c87c-4853-99b6-1b6f950d210f", "indicator--57dab1b1-d25c-4c61-989c-1b6f950d210f", "indicator--57dab1b1-83c0-4d53-9d21-1b6f950d210f", "indicator--57dab1b2-0d74-4927-a1cc-1b6f950d210f", "indicator--57dab1b2-733c-455e-96f6-1b6f950d210f", "indicator--57dab1b3-17f4-4194-af5c-1b6f950d210f", "indicator--57dab1b3-c0d8-43cb-be68-1b6f950d210f", "indicator--57dab1b4-0504-4288-8218-1b6f950d210f", "indicator--57dab1b5-6b40-4b55-a694-1b6f950d210f", "indicator--57dab1b5-674c-4463-b064-1b6f950d210f", "indicator--57dab1b6-31a0-463b-8e7e-1b6f950d210f", "indicator--57dab1b6-7210-4cb0-a80b-1b6f950d210f", "indicator--57dab1b7-fc80-4051-a5c9-1b6f950d210f", "indicator--57dab1b7-b424-4367-9b13-1b6f950d210f", "indicator--57dab1b8-aadc-46b6-9675-1b6f950d210f", "indicator--57dab1b9-6a48-4846-bd9a-1b6f950d210f", "indicator--57dab1b9-8088-47d1-871c-1b6f950d210f", "indicator--57dab1ba-7b0c-4e05-91f3-1b6f950d210f", "indicator--57dab1ba-b9c8-4a4d-97be-1b6f950d210f", "indicator--57dab1bb-01fc-41a7-8f0f-1b6f950d210f", "indicator--57dab1bc-09e0-4545-9632-1b6f950d210f", "indicator--57dab1bc-e9b8-4b4f-8a0b-1b6f950d210f", "indicator--57dab1bc-b9fc-4ff9-ae63-1b6f950d210f", "indicator--57dab1bd-5898-425f-aa17-1b6f950d210f", "indicator--57dab1be-35d0-4e35-b1bd-1b6f950d210f", "indicator--57dab1be-cc64-446f-9c54-1b6f950d210f", "indicator--57dab1bf-9824-4171-9270-1b6f950d210f", "indicator--57dab1bf-5e98-4bc6-9dc8-1b6f950d210f", "indicator--57dab1c0-5a24-460f-80a3-1b6f950d210f", "indicator--57dab1c0-5764-40e0-b75a-1b6f950d210f", "indicator--57dab1c1-0a20-4cf3-b24d-1b6f950d210f", "indicator--57dab1c1-58ac-43d4-8448-1b6f950d210f", "indicator--57dab1c2-f004-47b6-8b71-1b6f950d210f", "indicator--57dab1c3-8c5c-4d1b-8045-1b6f950d210f", "indicator--57dab1c3-ca74-46f7-a658-1b6f950d210f", "indicator--57dab1c4-799c-45c4-b752-1b6f950d210f", "indicator--57dab1c4-49f4-4aa8-b4fd-1b6f950d210f", "indicator--57dab1c5-c5b8-4a8f-a917-1b6f950d210f", "indicator--57dab1c5-885c-4b0a-a470-1b6f950d210f", "indicator--57dab1c6-dc10-423d-91f9-1b6f950d210f", "indicator--57dab1c7-708c-4e43-bc22-1b6f950d210f", "indicator--57dab1c7-dfd4-454c-9a89-1b6f950d210f", "indicator--57dab1c8-1f28-4e38-9cef-1b6f950d210f", "indicator--57dab1c8-3450-4a42-bd96-1b6f950d210f", "indicator--57dab1c9-2f70-47f8-b3dc-1b6f950d210f", "indicator--57dab1c9-6c7c-4ca2-b592-1b6f950d210f", "indicator--57dab1ca-8a5c-41cc-9882-1b6f950d210f", "indicator--57dab1cb-0d44-4106-ba58-1b6f950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a3-31a4-4aff-ac62-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:15.000Z", "modified": "2016-09-15T14:35:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.175.157.20']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a4-7344-4c1e-86a4-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:16.000Z", "modified": "2016-09-15T14:35:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.179.200.210']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a5-99c8-474f-bf39-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:17.000Z", "modified": "2016-09-15T14:35:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '125.212.219.132']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a5-e708-4533-9750-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:17.000Z", "modified": "2016-09-15T14:35:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.40.218']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a6-32f4-4749-8062-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:18.000Z", "modified": "2016-09-15T14:35:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.12.92.184']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a6-a1b0-479d-9d60-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:18.000Z", "modified": "2016-09-15T14:35:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.215.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a7-2a34-4596-b18a-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:19.000Z", "modified": "2016-09-15T14:35:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.81.129.230']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a7-268c-4264-8710-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:19.000Z", "modified": "2016-09-15T14:35:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.110.162.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a8-fe98-4d7d-8079-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:20.000Z", "modified": "2016-09-15T14:35:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.102.215.57']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a8-d418-43a4-8f57-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:20.000Z", "modified": "2016-09-15T14:35:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.46.81.187']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a9-7510-4d57-a8c8-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:21.000Z", "modified": "2016-09-15T14:35:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.59.151.220']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1a9-f740-454d-94d2-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:21.000Z", "modified": "2016-09-15T14:35:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.5.47.92']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1aa-c774-4cd5-a26f-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:22.000Z", "modified": "2016-09-15T14:35:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.177.136.165']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1aa-cd9c-4c41-bcce-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:22.000Z", "modified": "2016-09-15T14:35:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.222.14.205']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ab-d770-4289-86e1-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:23.000Z", "modified": "2016-09-15T14:35:23.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.49.96.12']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ac-c618-4533-8e1b-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:24.000Z", "modified": "2016-09-15T14:35:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.208.110.201']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ac-e7dc-4cf7-bacb-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:24.000Z", "modified": "2016-09-15T14:35:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.245.149.11']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ad-6424-4178-b11a-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:25.000Z", "modified": "2016-09-15T14:35:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.93.62.246']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ad-c724-4daa-a2b4-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:25.000Z", "modified": "2016-09-15T14:35:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.162.94.254']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ae-56ec-4a41-95dc-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:26.000Z", "modified": "2016-09-15T14:35:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.218.219.200']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ae-d754-43a5-b1cc-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:26.000Z", "modified": "2016-09-15T14:35:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.248.29.36']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1af-caa8-4f5f-9195-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:27.000Z", "modified": "2016-09-15T14:35:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.185.209.164']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1af-e370-4974-8ef2-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:27.000Z", "modified": "2016-09-15T14:35:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.73.150.60']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b0-47a0-43ab-85dd-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:28.000Z", "modified": "2016-09-15T14:35:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '97.74.144.193']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b0-c87c-4853-99b6-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:28.000Z", "modified": "2016-09-15T14:35:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'allovercoupon.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b1-d25c-4c61-989c-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:29.000Z", "modified": "2016-09-15T14:35:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'bet4good.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b1-83c0-4d53-9d21-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:29.000Z", "modified": "2016-09-15T14:35:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'bigfishcasting.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b2-0d74-4927-a1cc-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:30.000Z", "modified": "2016-09-15T14:35:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'charlcote1.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b2-733c-455e-96f6-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:30.000Z", "modified": "2016-09-15T14:35:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'delicefilm.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b3-17f4-4194-af5c-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:31.000Z", "modified": "2016-09-15T14:35:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'dendang.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b3-c0d8-43cb-be68-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:31.000Z", "modified": "2016-09-15T14:35:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'discoverstillwater.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b4-0504-4288-8218-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:32.000Z", "modified": "2016-09-15T14:35:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'eiti.co.il']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b5-6b40-4b55-a694-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:33.000Z", "modified": "2016-09-15T14:35:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'electua.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b5-674c-4463-b064-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:33.000Z", "modified": "2016-09-15T14:35:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'hawaiipoliticalinfo.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b6-31a0-463b-8e7e-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:34.000Z", "modified": "2016-09-15T14:35:34.000Z", "description": "download location", "pattern": "[url:value = 'http://allovercoupon.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b6-7210-4cb0-a80b-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:34.000Z", "modified": "2016-09-15T14:35:34.000Z", "description": "download location", "pattern": "[url:value = 'http://bet4good.org/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b7-fc80-4051-a5c9-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:35.000Z", "modified": "2016-09-15T14:35:35.000Z", "description": "download location", "pattern": "[url:value = 'http://bigfishcasting.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b7-b424-4367-9b13-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:35.000Z", "modified": "2016-09-15T14:35:35.000Z", "description": "download location", "pattern": "[url:value = 'http://charlcote1.net/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b8-aadc-46b6-9675-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:36.000Z", "modified": "2016-09-15T14:35:36.000Z", "description": "download location", "pattern": "[url:value = 'http://delicefilm.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b9-6a48-4846-bd9a-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:37.000Z", "modified": "2016-09-15T14:35:37.000Z", "description": "download location", "pattern": "[url:value = 'http://dendang.net/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1b9-8088-47d1-871c-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:37.000Z", "modified": "2016-09-15T14:35:37.000Z", "description": "download location", "pattern": "[url:value = 'http://discoverstillwater.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ba-7b0c-4e05-91f3-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:38.000Z", "modified": "2016-09-15T14:35:38.000Z", "description": "download location", "pattern": "[url:value = 'http://eiti.co.il/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ba-b9c8-4a4d-97be-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:38.000Z", "modified": "2016-09-15T14:35:38.000Z", "description": "download location", "pattern": "[url:value = 'http://electua.org/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bb-01fc-41a7-8f0f-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:39.000Z", "modified": "2016-09-15T14:35:39.000Z", "description": "download location", "pattern": "[url:value = 'http://hawaiipoliticalinfo.org/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bc-09e0-4545-9632-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:40.000Z", "modified": "2016-09-15T14:35:40.000Z", "description": "download location", "pattern": "[url:value = 'http://iandistudio.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bc-e9b8-4b4f-8a0b-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:40.000Z", "modified": "2016-09-15T14:35:40.000Z", "description": "download location", "pattern": "[url:value = 'http://insieutoc.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bc-b9fc-4ff9-ae63-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:40.000Z", "modified": "2016-09-15T14:35:40.000Z", "description": "download location", "pattern": "[url:value = 'http://jxbestextile.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bd-5898-425f-aa17-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:41.000Z", "modified": "2016-09-15T14:35:41.000Z", "description": "download location", "pattern": "[url:value = 'http://keratin.sk/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1be-35d0-4e35-b1bd-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:42.000Z", "modified": "2016-09-15T14:35:42.000Z", "description": "download location", "pattern": "[url:value = 'http://kf-design.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1be-cc64-446f-9c54-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:42.000Z", "modified": "2016-09-15T14:35:42.000Z", "description": "download location", "pattern": "[url:value = 'http://lacumpa.biz/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bf-9824-4171-9270-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:43.000Z", "modified": "2016-09-15T14:35:43.000Z", "description": "download location", "pattern": "[url:value = 'http://lowcostveterinarios.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1bf-5e98-4bc6-9dc8-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:43.000Z", "modified": "2016-09-15T14:35:43.000Z", "description": "download location", "pattern": "[url:value = 'http://mika.tohmon.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c0-5a24-460f-80a3-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:44.000Z", "modified": "2016-09-15T14:35:44.000Z", "description": "download location", "pattern": "[url:value = 'http://pasbardejov.sk/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c0-5764-40e0-b75a-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:44.000Z", "modified": "2016-09-15T14:35:44.000Z", "description": "download location", "pattern": "[url:value = 'http://rimpro.ru/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c1-0a20-4cf3-b24d-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:45.000Z", "modified": "2016-09-15T14:35:45.000Z", "description": "download location", "pattern": "[url:value = 'http://techboss.net/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c1-58ac-43d4-8448-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:45.000Z", "modified": "2016-09-15T14:35:45.000Z", "description": "download location", "pattern": "[url:value = 'http://tommylam.com/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c2-f004-47b6-8b71-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:46.000Z", "modified": "2016-09-15T14:35:46.000Z", "description": "download location", "pattern": "[url:value = 'http://trudprom.ru/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c3-8c5c-4d1b-8045-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:47.000Z", "modified": "2016-09-15T14:35:47.000Z", "description": "download location", "pattern": "[url:value = 'http://zharikoff.ru/afdIJGY8766gyu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c3-ca74-46f7-a658-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:47.000Z", "modified": "2016-09-15T14:35:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'iandistudio.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c4-799c-45c4-b752-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:48.000Z", "modified": "2016-09-15T14:35:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'insieutoc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c4-49f4-4aa8-b4fd-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:48.000Z", "modified": "2016-09-15T14:35:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'jxbestextile.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c5-c5b8-4a8f-a917-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:49.000Z", "modified": "2016-09-15T14:35:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'keratin.sk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c5-885c-4b0a-a470-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:49.000Z", "modified": "2016-09-15T14:35:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'kf-design.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c6-dc10-423d-91f9-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:50.000Z", "modified": "2016-09-15T14:35:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'lacumpa.biz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c7-708c-4e43-bc22-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:51.000Z", "modified": "2016-09-15T14:35:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'lowcostveterinarios.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c7-dfd4-454c-9a89-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:51.000Z", "modified": "2016-09-15T14:35:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'mika.tohmon.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c8-1f28-4e38-9cef-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:52.000Z", "modified": "2016-09-15T14:35:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'pasbardejov.sk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c8-3450-4a42-bd96-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:52.000Z", "modified": "2016-09-15T14:35:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'rimpro.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c9-2f70-47f8-b3dc-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:53.000Z", "modified": "2016-09-15T14:35:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'techboss.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1c9-6c7c-4ca2-b592-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:53.000Z", "modified": "2016-09-15T14:35:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'tommylam.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1ca-8a5c-41cc-9882-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:54.000Z", "modified": "2016-09-15T14:35:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'trudprom.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dab1cb-0d44-4106-ba58-1b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-15T14:35:55.000Z", "modified": "2016-09-15T14:35:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'zharikoff.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-15T14:35:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }