{ "type": "bundle", "id": "bundle--57db9b97-4ad8-41d7-8c98-4cbb950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:30.000Z", "modified": "2016-09-16T07:14:30.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57db9b97-4ad8-41d7-8c98-4cbb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:30.000Z", "modified": "2016-09-16T07:14:30.000Z", "name": "Malspam 2016-09-16 (.hta in .zip) - campaign: \"(Attached|Emailing|Copy|File): (Scan|Receipt|Document)(integer)\"", "published": "2016-09-16T07:14:55Z", "object_refs": [ "indicator--57db9bb9-5e98-4ce0-bcb2-4177950d210f", "indicator--57db9bba-bae4-4c32-ad7f-4d4e950d210f", "indicator--57db9bba-69cc-4dcb-be0a-4313950d210f", "indicator--57db9bba-37f8-4639-b5fa-41a3950d210f", "indicator--57db9bba-1104-40f6-b376-45af950d210f", "indicator--57db9bbb-b298-46cb-94f9-43c3950d210f", "indicator--57db9bbb-cfb0-4368-965c-49d7950d210f", "indicator--57db9bbb-cb00-4b63-9ec7-4a08950d210f", "indicator--57db9bbb-13c8-448c-845c-4ac2950d210f", "indicator--57db9bbb-f888-4cc1-a573-496e950d210f", "indicator--57db9bbc-d724-4254-90bb-4454950d210f", "indicator--57db9bbc-f5cc-4247-98db-4ec7950d210f", "indicator--57db9bbc-2e6c-47e2-832d-451f950d210f", "indicator--57db9bbc-fc4c-4c55-933c-4e14950d210f", "indicator--57db9bbc-b9b4-4e39-96cb-443a950d210f", "indicator--57db9bbc-5654-41a8-9db3-4e3b950d210f", "indicator--57db9bbd-e1d0-4322-937c-4a35950d210f", "indicator--57db9bbd-7fd8-4ced-8cde-4838950d210f", "indicator--57db9bbd-4ba0-4d91-983e-4131950d210f", "indicator--57db9bbd-77b8-4936-8831-437a950d210f", "indicator--57db9bbd-dd84-4369-a7b3-4163950d210f", "indicator--57db9bbe-04e4-4fd9-8f6f-441e950d210f", "indicator--57db9bbe-2990-47ec-917d-4ead950d210f", "indicator--57db9bbe-0d44-4b33-b1f1-40e5950d210f", "indicator--57db9bbe-9a14-45cb-9ad4-4bb8950d210f", "indicator--57db9bbe-ce18-47fd-963b-4068950d210f", "indicator--57db9bbf-f13c-4ff0-ad28-4ae3950d210f", "indicator--57db9bbf-1470-45c5-85f7-4deb950d210f", "indicator--57db9bbf-54fc-4787-aa10-43d3950d210f", "indicator--57db9bbf-db6c-45d1-9e02-4b9d950d210f", "indicator--57db9bc0-0340-437f-bbf6-4206950d210f", "indicator--57db9bc0-9f30-4eec-88ff-42f6950d210f", "indicator--57db9bc0-f914-4dee-9e66-4a9f950d210f", "indicator--57db9bc1-75a8-45bf-87f3-4a14950d210f", "indicator--57db9bc1-6fbc-4d16-9487-4497950d210f", "indicator--57db9bc2-69f4-4ccb-91b3-4f34950d210f", "indicator--57db9bc2-f4f4-4a55-bfdb-4747950d210f", "indicator--57db9bc3-893c-4210-9f09-48e4950d210f", "indicator--57db9bc3-55e8-4ab2-8272-4a38950d210f", "indicator--57db9bc3-4338-432c-b642-43e1950d210f", "indicator--57db9bc4-390c-439e-8201-4d71950d210f", "indicator--57db9bc4-02a8-4808-a187-4e92950d210f", "indicator--57db9bc5-d284-426a-b7dd-4b7f950d210f", "indicator--57db9bc5-581c-497f-85ec-495b950d210f", "indicator--57db9bc6-e808-4e00-be61-45e8950d210f", "indicator--57db9bc6-97cc-4aa6-adfa-4761950d210f", "indicator--57db9bc6-a5fc-41d8-8f05-4c3d950d210f", "indicator--57db9bc7-7620-41a9-b4d5-4e8e950d210f", "indicator--57db9bc7-41a0-493a-94d6-4570950d210f", "indicator--57db9bc8-6398-4c3e-ab07-4f0c950d210f", "indicator--57db9bc8-0de4-405a-8fd2-4d99950d210f", "indicator--57db9bc9-472c-4f24-8dcf-42bd950d210f", "indicator--57db9bc9-3aac-423a-98fe-4469950d210f", "indicator--57db9bca-ca6c-4f09-a5c4-49d0950d210f", "indicator--57db9bcb-7584-422c-868d-4269950d210f", "indicator--57db9bcb-3ed8-4e8d-af3d-4d0c950d210f", "indicator--57db9bcc-329c-4a01-bb9b-41f1950d210f", "indicator--57db9bcc-0b4c-41f2-88b2-4805950d210f", "indicator--57db9bcd-6cac-4fa7-9d35-43a7950d210f", "indicator--57db9bcd-31f8-4607-895a-4eee950d210f", "indicator--57db9bce-420c-4482-b546-45b9950d210f", "indicator--57db9bce-ebc0-4d2f-acd3-45a9950d210f", "indicator--57db9bcf-1d84-4c0e-ab39-4d9c950d210f", "indicator--57db9bcf-c8a8-4f7f-8b4e-41a0950d210f", "indicator--57db9bd0-d268-4507-8aef-4c83950d210f", "indicator--57db9bd0-90c4-457b-9991-4bf6950d210f", "indicator--57db9bd1-9ee8-4958-a637-48b1950d210f", "indicator--57db9bd1-43c0-4a06-9515-4dd3950d210f", "indicator--57db9bd2-513c-4f44-beb4-4ae4950d210f", "indicator--57db9bd2-6930-4d90-b198-4c10950d210f", "indicator--57db9bd2-0748-422f-a735-45b8950d210f", "indicator--57db9bd3-16a8-4c1c-b4d3-4216950d210f", "indicator--57db9bd3-06d0-4738-a11f-4464950d210f", "indicator--57db9bd4-bf14-49f0-9cd3-4acd950d210f", "indicator--57db9bd5-2a60-4eb0-bd93-475b950d210f", "indicator--57db9bd5-e3ec-4641-b63d-4796950d210f", "indicator--57db9bd5-33ac-4342-8db1-4e09950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bb9-5e98-4ce0-bcb2-4177950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:01.000Z", "modified": "2016-09-16T07:14:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '100.42.63.120']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bba-bae4-4c32-ad7f-4d4e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:02.000Z", "modified": "2016-09-16T07:14:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '14.102.148.24']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bba-69cc-4dcb-be0a-4313950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:02.000Z", "modified": "2016-09-16T07:14:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.76.104.67']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bba-37f8-4639-b5fa-41a3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:02.000Z", "modified": "2016-09-16T07:14:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.93.132']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bba-1104-40f6-b376-45af950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:02.000Z", "modified": "2016-09-16T07:14:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.254.44.212']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbb-b298-46cb-94f9-43c3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:03.000Z", "modified": "2016-09-16T07:14:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.64.121.131']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbb-cfb0-4368-965c-49d7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:03.000Z", "modified": "2016-09-16T07:14:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.218.152.239']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbb-cb00-4b63-9ec7-4a08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:03.000Z", "modified": "2016-09-16T07:14:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.59.58.6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbb-13c8-448c-845c-4ac2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:03.000Z", "modified": "2016-09-16T07:14:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.52.146.37']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbb-f888-4cc1-a573-496e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:03.000Z", "modified": "2016-09-16T07:14:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.170.192.184']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-d724-4254-90bb-4454950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '205.134.224.227']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-f5cc-4247-98db-4ec7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.76.86.168']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-2e6c-47e2-832d-451f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.175.247.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-fc4c-4c55-933c-4e14950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.57.32.7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-b9b4-4e39-96cb-443a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '221.122.111.73']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbc-5654-41a8-9db3-4e3b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:04.000Z", "modified": "2016-09-16T07:14:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '223.130.24.150']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbd-e1d0-4322-937c-4a35950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:05.000Z", "modified": "2016-09-16T07:14:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.187.75.173']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbd-7fd8-4ced-8cde-4838950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:05.000Z", "modified": "2016-09-16T07:14:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '43.245.62.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbd-4ba0-4d91-983e-4131950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:05.000Z", "modified": "2016-09-16T07:14:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.34.157.60']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbd-77b8-4936-8831-437a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:05.000Z", "modified": "2016-09-16T07:14:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.245.154.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbd-dd84-4369-a7b3-4163950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:05.000Z", "modified": "2016-09-16T07:14:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.140.209.36']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbe-04e4-4fd9-8f6f-441e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:06.000Z", "modified": "2016-09-16T07:14:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.96.174.226']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbe-2990-47ec-917d-4ead950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:06.000Z", "modified": "2016-09-16T07:14:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.198.174.188']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbe-0d44-4b33-b1f1-40e5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:06.000Z", "modified": "2016-09-16T07:14:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.186.1.102']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbe-9a14-45cb-9ad4-4bb8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:06.000Z", "modified": "2016-09-16T07:14:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.43.113.68']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbe-ce18-47fd-963b-4068950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:06.000Z", "modified": "2016-09-16T07:14:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'alexandrkireev.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbf-f13c-4ff0-ad28-4ae3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:07.000Z", "modified": "2016-09-16T07:14:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'bukkuz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbf-1470-45c5-85f7-4deb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:07.000Z", "modified": "2016-09-16T07:14:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'demo.website.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbf-54fc-4787-aa10-43d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:07.000Z", "modified": "2016-09-16T07:14:07.000Z", "description": "download location", "pattern": "[url:value = 'http://alexandrkireev.ru/rqcklbm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bbf-db6c-45d1-9e02-4b9d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:07.000Z", "modified": "2016-09-16T07:14:07.000Z", "description": "download location", "pattern": "[url:value = 'http://bukkuz.com/qyopafb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc0-0340-437f-bbf6-4206950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:08.000Z", "modified": "2016-09-16T07:14:08.000Z", "description": "download location", "pattern": "[url:value = 'http://demo.website.pl/ugfsfed']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc0-9f30-4eec-88ff-42f6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:08.000Z", "modified": "2016-09-16T07:14:08.000Z", "description": "download location", "pattern": "[url:value = 'http://jsydjc.com/nakhldo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc0-f914-4dee-9e66-4a9f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:08.000Z", "modified": "2016-09-16T07:14:08.000Z", "description": "download location", "pattern": "[url:value = 'http://kliksiska.com/ciwdpgg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc1-75a8-45bf-87f3-4a14950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:09.000Z", "modified": "2016-09-16T07:14:09.000Z", "description": "download location", "pattern": "[url:value = 'http://lv-nexis.com/unicyct']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc1-6fbc-4d16-9487-4497950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:09.000Z", "modified": "2016-09-16T07:14:09.000Z", "description": "download location", "pattern": "[url:value = 'http://mahovik-bg.com/gnixsfq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc2-69f4-4ccb-91b3-4f34950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:10.000Z", "modified": "2016-09-16T07:14:10.000Z", "description": "download location", "pattern": "[url:value = 'http://markanltd.com/rrdmwim']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc2-f4f4-4a55-bfdb-4747950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:10.000Z", "modified": "2016-09-16T07:14:10.000Z", "description": "download location", "pattern": "[url:value = 'http://mclodesigns.com/edvxmhd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc3-893c-4210-9f09-48e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:11.000Z", "modified": "2016-09-16T07:14:11.000Z", "description": "download location", "pattern": "[url:value = 'http://nipeldogalgaz.com/dplsdkf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc3-55e8-4ab2-8272-4a38950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:11.000Z", "modified": "2016-09-16T07:14:11.000Z", "description": "download location", "pattern": "[url:value = 'http://paraspokeri.net/rvtgffk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc3-4338-432c-b642-43e1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:11.000Z", "modified": "2016-09-16T07:14:11.000Z", "description": "download location", "pattern": "[url:value = 'http://proforceaudio.com/onhejgc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc4-390c-439e-8201-4d71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:12.000Z", "modified": "2016-09-16T07:14:12.000Z", "description": "download location", "pattern": "[url:value = 'http://psychquiz.com/uxpfxgh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc4-02a8-4808-a187-4e92950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:12.000Z", "modified": "2016-09-16T07:14:12.000Z", "description": "download location", "pattern": "[url:value = 'http://rentvspb.ru/gtipssu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc5-d284-426a-b7dd-4b7f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:13.000Z", "modified": "2016-09-16T07:14:13.000Z", "description": "download location", "pattern": "[url:value = 'http://samenart.com/nyvsbcl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc5-581c-497f-85ec-495b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:13.000Z", "modified": "2016-09-16T07:14:13.000Z", "description": "download location", "pattern": "[url:value = 'http://sinergica.cl/eveasxb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc6-e808-4e00-be61-45e8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:14.000Z", "modified": "2016-09-16T07:14:14.000Z", "description": "download location", "pattern": "[url:value = 'http://swivelsrus.com/neginnl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc6-97cc-4aa6-adfa-4761950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:14.000Z", "modified": "2016-09-16T07:14:14.000Z", "description": "download location", "pattern": "[url:value = 'http://szamba-betonowe.org/eswfxrm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc6-a5fc-41d8-8f05-4c3d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:14.000Z", "modified": "2016-09-16T07:14:14.000Z", "description": "download location", "pattern": "[url:value = 'http://thewebgroup.net/suvahvg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc7-7620-41a9-b4d5-4e8e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:15.000Z", "modified": "2016-09-16T07:14:15.000Z", "description": "download location", "pattern": "[url:value = 'http://tobybender.com/ocwklsy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc7-41a0-493a-94d6-4570950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:15.000Z", "modified": "2016-09-16T07:14:15.000Z", "description": "download location", "pattern": "[url:value = 'http://travelvoice.com/jvktjob']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc8-6398-4c3e-ab07-4f0c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:16.000Z", "modified": "2016-09-16T07:14:16.000Z", "description": "download location", "pattern": "[url:value = 'http://turkmennews.com/ucqwjvy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc8-0de4-405a-8fd2-4d99950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:16.000Z", "modified": "2016-09-16T07:14:16.000Z", "description": "download location", "pattern": "[url:value = 'http://urachart.com/vtnqgoc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc9-472c-4f24-8dcf-42bd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:17.000Z", "modified": "2016-09-16T07:14:17.000Z", "description": "download location", "pattern": "[url:value = 'http://walterssigns.com/turjsty']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bc9-3aac-423a-98fe-4469950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:17.000Z", "modified": "2016-09-16T07:14:17.000Z", "description": "download location", "pattern": "[url:value = 'http://wongcs.com/ytcccbr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bca-ca6c-4f09-a5c4-49d0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:18.000Z", "modified": "2016-09-16T07:14:18.000Z", "description": "download location", "pattern": "[url:value = 'http://xsolution.sk/ljkyemd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcb-7584-422c-868d-4269950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:19.000Z", "modified": "2016-09-16T07:14:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'jsydjc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcb-3ed8-4e8d-af3d-4d0c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:19.000Z", "modified": "2016-09-16T07:14:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'kliksiska.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcc-329c-4a01-bb9b-41f1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:20.000Z", "modified": "2016-09-16T07:14:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'lv-nexis.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcc-0b4c-41f2-88b2-4805950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:20.000Z", "modified": "2016-09-16T07:14:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'mahovik-bg.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcd-6cac-4fa7-9d35-43a7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:21.000Z", "modified": "2016-09-16T07:14:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'markanltd.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcd-31f8-4607-895a-4eee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:21.000Z", "modified": "2016-09-16T07:14:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'mclodesigns.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bce-420c-4482-b546-45b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:22.000Z", "modified": "2016-09-16T07:14:22.000Z", "description": "download location", "pattern": "[domain-name:value = 'nipeldogalgaz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bce-ebc0-4d2f-acd3-45a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:22.000Z", "modified": "2016-09-16T07:14:22.000Z", "description": "download location", "pattern": "[domain-name:value = 'paraspokeri.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcf-1d84-4c0e-ab39-4d9c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:23.000Z", "modified": "2016-09-16T07:14:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'proforceaudio.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bcf-c8a8-4f7f-8b4e-41a0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:23.000Z", "modified": "2016-09-16T07:14:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'psychquiz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd0-d268-4507-8aef-4c83950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:24.000Z", "modified": "2016-09-16T07:14:24.000Z", "description": "download location", "pattern": "[domain-name:value = 'rentvspb.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd0-90c4-457b-9991-4bf6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:24.000Z", "modified": "2016-09-16T07:14:24.000Z", "description": "download location", "pattern": "[domain-name:value = 'samenart.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd1-9ee8-4958-a637-48b1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:25.000Z", "modified": "2016-09-16T07:14:25.000Z", "description": "download location", "pattern": "[domain-name:value = 'sinergica.cl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd1-43c0-4a06-9515-4dd3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:25.000Z", "modified": "2016-09-16T07:14:25.000Z", "description": "download location", "pattern": "[domain-name:value = 'swivelsrus.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd2-513c-4f44-beb4-4ae4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:26.000Z", "modified": "2016-09-16T07:14:26.000Z", "description": "download location", "pattern": "[domain-name:value = 'szamba-betonowe.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd2-6930-4d90-b198-4c10950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:26.000Z", "modified": "2016-09-16T07:14:26.000Z", "description": "download location", "pattern": "[domain-name:value = 'thewebgroup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd2-0748-422f-a735-45b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:26.000Z", "modified": "2016-09-16T07:14:26.000Z", "description": "download location", "pattern": "[domain-name:value = 'tobybender.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd3-16a8-4c1c-b4d3-4216950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:27.000Z", "modified": "2016-09-16T07:14:27.000Z", "description": "download location", "pattern": "[domain-name:value = 'travelvoice.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd3-06d0-4738-a11f-4464950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:27.000Z", "modified": "2016-09-16T07:14:27.000Z", "description": "download location", "pattern": "[domain-name:value = 'turkmennews.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd4-bf14-49f0-9cd3-4acd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:28.000Z", "modified": "2016-09-16T07:14:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'urachart.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd5-2a60-4eb0-bd93-475b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:29.000Z", "modified": "2016-09-16T07:14:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'walterssigns.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd5-e3ec-4641-b63d-4796950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:29.000Z", "modified": "2016-09-16T07:14:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'wongcs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57db9bd5-33ac-4342-8db1-4e09950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T07:14:29.000Z", "modified": "2016-09-16T07:14:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'xsolution.sk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T07:14:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }