{ "type": "bundle", "id": "bundle--57dc1fe4-0d70-4dde-95fe-46e8950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57dc1fe4-0d70-4dde-95fe-46e8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "name": "Malspam 2016-09-16 (.wsf in .zip) - campaign: \"(SCAN|FAX|DOC|IMG)_{integer}\"", "published": "2016-09-16T17:15:31Z", "object_refs": [ "indicator--57dc2011-43e0-4c6e-91b3-46ac950d210f", "indicator--57dc2012-7928-4091-9826-4ceb950d210f", "indicator--57dc2012-859c-4bd9-90ff-4c83950d210f", "indicator--57dc2013-9e2c-44b2-a102-4ff3950d210f", "indicator--57dc2013-e934-499f-b75d-4fc8950d210f", "indicator--57dc2014-0060-46e7-a641-4597950d210f", "indicator--57dc2014-0e1c-4994-ad8f-464e950d210f", "indicator--57dc2015-53d0-48ee-9c08-49dc950d210f", "indicator--57dc2015-1b50-4cf1-8995-4822950d210f", "indicator--57dc2016-1498-4065-8c25-4791950d210f", "indicator--57dc2017-fad8-4b5b-b31d-4251950d210f", "indicator--57dc2017-d364-40ec-b38f-4703950d210f", "indicator--57dc2018-d37c-41af-baf3-434b950d210f", "indicator--57dc2018-d0d4-436d-8ca8-4a77950d210f", "indicator--57dc2019-7e60-4e34-b080-49ba950d210f", "indicator--57dc2019-8a64-411e-bf72-4735950d210f", "indicator--57dc201a-91c8-425c-a38d-4e5a950d210f", "indicator--57dc201a-a590-4601-87a5-48eb950d210f", "indicator--57dc201b-94e8-49eb-95e0-47e8950d210f", "indicator--57dc201c-04a8-4f1f-898f-4771950d210f", "indicator--57dc201c-b9a0-4380-a0b5-46b8950d210f", "indicator--57dc201d-9a74-4ed6-999c-47a7950d210f", "indicator--57dc201d-6464-4e94-9eb7-4aee950d210f", "indicator--57dc201e-04d0-41b5-8843-495a950d210f", "indicator--57dc201e-c82c-48bb-91a1-4b04950d210f", "indicator--57dc201f-1860-43fa-96b2-4272950d210f", "indicator--57dc201f-0378-497d-b6b6-4e3d950d210f", "indicator--57dc2020-a2dc-4792-8ade-44bf950d210f", "indicator--57dc2021-5248-46e6-8ffd-4944950d210f", "indicator--57dc2021-824c-46dd-a2e4-45d7950d210f", "indicator--57dc2022-8a74-4321-aa2e-4965950d210f", "indicator--57dc2022-56b0-4634-9ec8-45d3950d210f", "indicator--57dc2023-c8fc-414c-ab3b-4510950d210f", "indicator--57dc2023-b368-4580-868d-495a950d210f", "indicator--57dc2024-7100-45ca-a0b6-4f63950d210f", "indicator--57dc2025-e008-4a5a-90f8-4f3d950d210f", "indicator--57dc2025-4788-40e8-a7e6-4ffb950d210f", "indicator--57dc2026-9314-4649-b914-433c950d210f", "indicator--57dc2026-9294-468c-9372-46ab950d210f", "indicator--57dc2026-ac58-4f36-a780-44cd950d210f", "indicator--57dc2026-d080-442a-90e9-406b950d210f", "indicator--57dc2027-7b7c-4ef3-af0c-40c4950d210f", "indicator--57dc2027-5ba4-4386-8db9-4611950d210f", "indicator--57dc2027-8dac-4ec4-a2f9-4cf7950d210f", "indicator--57dc2027-e15c-420b-95e9-4830950d210f", "indicator--57dc2028-d744-4b99-a026-4644950d210f", "indicator--57dc2028-d18c-439d-be1f-4e8b950d210f", "indicator--57dc2028-fbcc-4b28-b6d4-4f91950d210f", "indicator--57dc2028-3ac8-4801-a700-4199950d210f", "indicator--57dc2028-5a8c-4c07-aafb-4117950d210f", "indicator--57dc2029-0094-493f-87b5-4a34950d210f", "indicator--57dc2034-46c0-45d3-8670-4995950d210f", "indicator--57dc227b-0040-46fa-9a6c-4c0a950d210f", "indicator--57dc227c-ffe4-4b51-8b0b-4aeb950d210f", "indicator--57dc227c-7294-425b-be91-4157950d210f", "indicator--57dc227c-b948-4b2a-9e0b-4910950d210f", "indicator--57dc227c-fb40-4a43-a8a7-420c950d210f", "indicator--57dc227d-3588-4f90-9723-49d1950d210f", "indicator--57dc227d-a66c-4ab4-a827-443b950d210f", "indicator--57dc227d-5ba4-45e4-80c3-4280950d210f", "indicator--57dc227d-289c-4f37-ac41-467e950d210f", "indicator--57dc2374-e444-4882-875c-4ca8950d210f", "indicator--57dc2374-6380-4314-880a-4b5e950d210f", "indicator--57dc2374-8f5c-4fce-9e25-4ee8950d210f", "indicator--57dc2375-4198-4772-9743-4947950d210f", "indicator--57dc2375-5b50-4f60-a7da-47b0950d210f", "indicator--57dc2375-2f24-43ae-8754-4173950d210f", "indicator--57dc2455-6258-4042-9c08-431a950d210f", "indicator--57dc2455-c42c-4954-ad96-479f950d210f", "indicator--57dc2456-431c-45a0-9001-4c90950d210f", "indicator--57dc2456-cfbc-4049-89c6-4641950d210f", "indicator--57dc2456-5948-4196-b8a8-4cb0950d210f", "indicator--57dc2456-92b8-4cba-aa05-48dc950d210f", "indicator--57dc2456-b28c-4eb4-82f9-4c53950d210f", "indicator--57dc2457-f874-4b56-8fa5-409a950d210f", "indicator--57dc2457-39a8-4015-931d-47f6950d210f", "indicator--57dc288f-2190-43bd-a218-4f73950d210f", "indicator--57dc2890-1a74-4b42-8760-4a4d950d210f", "indicator--57dc2890-6ac4-4b6b-9215-41ba950d210f", "indicator--57dc2890-3948-4a3e-9ba8-4c0d950d210f", "indicator--57dc2890-f954-47b7-acc1-4f78950d210f", "indicator--57dc2891-8068-46bd-b831-4c72950d210f", "indicator--57dc2891-1fac-4afa-8349-4778950d210f", "indicator--57dc2891-9f84-492d-a676-4546950d210f", "indicator--57dc2891-7970-4a1f-bef4-43a7950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2011-43e0-4c6e-91b3-46ac950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:41.000Z", "modified": "2016-09-16T16:38:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.51.107']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2012-7928-4091-9826-4ceb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:42.000Z", "modified": "2016-09-16T16:38:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.28.1.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2012-859c-4bd9-90ff-4c83950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:42.000Z", "modified": "2016-09-16T16:38:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '143.95.253.117']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2013-9e2c-44b2-a102-4ff3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:43.000Z", "modified": "2016-09-16T16:38:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.93.132']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2013-e934-499f-b75d-4fc8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:43.000Z", "modified": "2016-09-16T16:38:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.102.89']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2014-0060-46e7-a641-4597950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:44.000Z", "modified": "2016-09-16T16:38:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.254.28.47']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2014-0e1c-4994-ad8f-464e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:44.000Z", "modified": "2016-09-16T16:38:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '183.90.250.22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2015-53d0-48ee-9c08-49dc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:45.000Z", "modified": "2016-09-16T16:38:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.131.50.176']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2015-1b50-4cf1-8995-4822950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:45.000Z", "modified": "2016-09-16T16:38:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.124.5.33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2016-1498-4065-8c25-4791950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:46.000Z", "modified": "2016-09-16T16:38:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.233.9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2017-fad8-4b5b-b31d-4251950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:47.000Z", "modified": "2016-09-16T16:38:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.46.81.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2017-d364-40ec-b38f-4703950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:47.000Z", "modified": "2016-09-16T16:38:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.170.192.184']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2018-d37c-41af-baf3-434b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:48.000Z", "modified": "2016-09-16T16:38:48.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.226.76.25']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2018-d0d4-436d-8ca8-4a77950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:48.000Z", "modified": "2016-09-16T16:38:48.000Z", "description": "download location", "pattern": "[domain-name:value = '24hourprintshop.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2019-7e60-4e34-b080-49ba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:49.000Z", "modified": "2016-09-16T16:38:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '43.245.62.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2019-8a64-411e-bf72-4735950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:49.000Z", "modified": "2016-09-16T16:38:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.36.191.199']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201a-91c8-425c-a38d-4e5a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:50.000Z", "modified": "2016-09-16T16:38:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.198.174.188']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201a-a590-4601-87a5-48eb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:50.000Z", "modified": "2016-09-16T16:38:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.43.113.68']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201b-94e8-49eb-95e0-47e8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:51.000Z", "modified": "2016-09-16T16:38:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'akademistcicek.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201c-04a8-4f1f-898f-4771950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:52.000Z", "modified": "2016-09-16T16:38:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'helpmybathroom.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201c-b9a0-4380-a0b5-46b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:52.000Z", "modified": "2016-09-16T16:38:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'hollystamps.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201d-9a74-4ed6-999c-47a7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:53.000Z", "modified": "2016-09-16T16:38:53.000Z", "description": "download location", "pattern": "[url:value = 'http://24hourprintshop.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201d-6464-4e94-9eb7-4aee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:53.000Z", "modified": "2016-09-16T16:38:53.000Z", "description": "download location", "pattern": "[url:value = 'http://akademistcicek.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201e-04d0-41b5-8843-495a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:54.000Z", "modified": "2016-09-16T16:38:54.000Z", "description": "download location", "pattern": "[url:value = 'http://helpmybathroom.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201e-c82c-48bb-91a1-4b04950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:54.000Z", "modified": "2016-09-16T16:38:54.000Z", "description": "download location", "pattern": "[url:value = 'http://hollystamps.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201f-1860-43fa-96b2-4272950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:55.000Z", "modified": "2016-09-16T16:38:55.000Z", "description": "download location", "pattern": "[url:value = 'http://inovsol.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc201f-0378-497d-b6b6-4e3d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:55.000Z", "modified": "2016-09-16T16:38:55.000Z", "description": "download location", "pattern": "[url:value = 'http://junhao8.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2020-a2dc-4792-8ade-44bf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:56.000Z", "modified": "2016-09-16T16:38:56.000Z", "description": "download location", "pattern": "[url:value = 'http://lanehmontgomery.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2021-5248-46e6-8ffd-4944950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:57.000Z", "modified": "2016-09-16T16:38:57.000Z", "description": "download location", "pattern": "[url:value = 'http://lv-nexis.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2021-824c-46dd-a2e4-45d7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:57.000Z", "modified": "2016-09-16T16:38:57.000Z", "description": "download location", "pattern": "[url:value = 'http://mahovik-bg.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2022-8a74-4321-aa2e-4965950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:58.000Z", "modified": "2016-09-16T16:38:58.000Z", "description": "download location", "pattern": "[url:value = 'http://mclodesigns.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2022-56b0-4634-9ec8-45d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:58.000Z", "modified": "2016-09-16T16:38:58.000Z", "description": "download location", "pattern": "[url:value = 'http://qarmoo.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2023-c8fc-414c-ab3b-4510950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:59.000Z", "modified": "2016-09-16T16:38:59.000Z", "description": "download location", "pattern": "[url:value = 'http://samenart.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2023-b368-4580-868d-495a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:38:59.000Z", "modified": "2016-09-16T16:38:59.000Z", "description": "download location", "pattern": "[url:value = 'http://sanalnet.org/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:38:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2024-7100-45ca-a0b6-4f63950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:00.000Z", "modified": "2016-09-16T16:39:00.000Z", "description": "download location", "pattern": "[url:value = 'http://smt112.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2025-e008-4a5a-90f8-4f3d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:01.000Z", "modified": "2016-09-16T16:39:01.000Z", "description": "download location", "pattern": "[url:value = 'http://sstaswim.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2025-4788-40e8-a7e6-4ffb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:01.000Z", "modified": "2016-09-16T16:39:01.000Z", "description": "download location", "pattern": "[url:value = 'http://urachart.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2026-9314-4649-b914-433c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:02.000Z", "modified": "2016-09-16T16:39:02.000Z", "description": "download location", "pattern": "[url:value = 'http://zesthouse.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2026-9294-468c-9372-46ab950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:02.000Z", "modified": "2016-09-16T16:39:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'inovsol.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2026-ac58-4f36-a780-44cd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:02.000Z", "modified": "2016-09-16T16:39:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'junhao8.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2026-d080-442a-90e9-406b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:02.000Z", "modified": "2016-09-16T16:39:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'lanehmontgomery.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2027-7b7c-4ef3-af0c-40c4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:03.000Z", "modified": "2016-09-16T16:39:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'lv-nexis.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2027-5ba4-4386-8db9-4611950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:03.000Z", "modified": "2016-09-16T16:39:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'mahovik-bg.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2027-8dac-4ec4-a2f9-4cf7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:03.000Z", "modified": "2016-09-16T16:39:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'mclodesigns.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2027-e15c-420b-95e9-4830950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:03.000Z", "modified": "2016-09-16T16:39:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'qarmoo.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2028-d744-4b99-a026-4644950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:04.000Z", "modified": "2016-09-16T16:39:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'samenart.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2028-d18c-439d-be1f-4e8b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:04.000Z", "modified": "2016-09-16T16:39:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'sanalnet.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2028-fbcc-4b28-b6d4-4f91950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:04.000Z", "modified": "2016-09-16T16:39:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'smt112.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2028-3ac8-4801-a700-4199950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:04.000Z", "modified": "2016-09-16T16:39:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'sstaswim.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2028-5a8c-4c07-aafb-4117950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:04.000Z", "modified": "2016-09-16T16:39:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'urachart.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2029-0094-493f-87b5-4a34950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:05.000Z", "modified": "2016-09-16T16:39:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'zesthouse.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2034-46c0-45d3-8670-4995950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:39:16.000Z", "modified": "2016-09-16T16:39:16.000Z", "description": "Imported via the Freetext Import Tool", "pattern": "[domain-name:value = 'apro88.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:39:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227b-0040-46fa-9a6c-4c0a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:48:59.000Z", "modified": "2016-09-16T16:48:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.176.161.34']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:48:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227c-ffe4-4b51-8b0b-4aeb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:00.000Z", "modified": "2016-09-16T16:49:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.107.185']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227c-7294-425b-be91-4157950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:00.000Z", "modified": "2016-09-16T16:49:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.59.58.6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227c-b948-4b2a-9e0b-4910950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:00.000Z", "modified": "2016-09-16T16:49:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'all4supply.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227c-fb40-4a43-a8a7-420c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:00.000Z", "modified": "2016-09-16T16:49:00.000Z", "description": "download location", "pattern": "[url:value = 'http://all4supply.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227d-3588-4f90-9723-49d1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:01.000Z", "modified": "2016-09-16T16:49:01.000Z", "description": "download location", "pattern": "[url:value = 'http://mfcomputer.net/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227d-a66c-4ab4-a827-443b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:01.000Z", "modified": "2016-09-16T16:49:01.000Z", "description": "download location", "pattern": "[url:value = 'http://thewebgroup.net/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227d-5ba4-45e4-80c3-4280950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:01.000Z", "modified": "2016-09-16T16:49:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'mfcomputer.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc227d-289c-4f37-ac41-467e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:49:01.000Z", "modified": "2016-09-16T16:49:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'thewebgroup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2374-e444-4882-875c-4ca8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:08.000Z", "modified": "2016-09-16T16:53:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '100.42.63.88']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2374-6380-4314-880a-4b5e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:08.000Z", "modified": "2016-09-16T16:53:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.57.32.7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2374-8f5c-4fce-9e25-4ee8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:08.000Z", "modified": "2016-09-16T16:53:08.000Z", "description": "download location", "pattern": "[url:value = 'http://islamiccollege.org/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2375-4198-4772-9743-4947950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:09.000Z", "modified": "2016-09-16T16:53:09.000Z", "description": "download location", "pattern": "[url:value = 'http://xsolution.sk/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2375-5b50-4f60-a7da-47b0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:09.000Z", "modified": "2016-09-16T16:53:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'islamiccollege.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2375-2f24-43ae-8754-4173950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:53:09.000Z", "modified": "2016-09-16T16:53:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'xsolution.sk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:53:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2455-6258-4042-9c08-431a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:53.000Z", "modified": "2016-09-16T16:56:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '157.112.176.54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2455-c42c-4954-ad96-479f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:53.000Z", "modified": "2016-09-16T16:56:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.218.152.239']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2456-431c-45a0-9001-4c90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:54.000Z", "modified": "2016-09-16T16:56:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.167.131.224']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2456-cfbc-4049-89c6-4641950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:54.000Z", "modified": "2016-09-16T16:56:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'chelsea-west.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2456-5948-4196-b8a8-4cb0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:54.000Z", "modified": "2016-09-16T16:56:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'demo.website.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2456-92b8-4cba-aa05-48dc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:54.000Z", "modified": "2016-09-16T16:56:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'honeydavis.us']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2456-b28c-4eb4-82f9-4c53950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:54.000Z", "modified": "2016-09-16T16:56:54.000Z", "description": "download location", "pattern": "[url:value = 'http://chelsea-west.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2457-f874-4b56-8fa5-409a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:55.000Z", "modified": "2016-09-16T16:56:55.000Z", "description": "download location", "pattern": "[url:value = 'http://demo.website.pl/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2457-39a8-4015-931d-47f6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T16:56:55.000Z", "modified": "2016-09-16T16:56:55.000Z", "description": "download location", "pattern": "[url:value = 'http://honeydavis.us/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T16:56:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc288f-2190-43bd-a218-4f73950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:55.000Z", "modified": "2016-09-16T17:14:55.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.236.198.12']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2890-1a74-4b42-8760-4a4d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:56.000Z", "modified": "2016-09-16T17:14:56.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.175.247.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2890-6ac4-4b6b-9215-41ba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:56.000Z", "modified": "2016-09-16T17:14:56.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '97.74.215.143']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2890-3948-4a3e-9ba8-4c0d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:56.000Z", "modified": "2016-09-16T17:14:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'earnbyemail.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2890-f954-47b7-acc1-4f78950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:56.000Z", "modified": "2016-09-16T17:14:56.000Z", "description": "download location", "pattern": "[url:value = 'http://earnbyemail.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2891-8068-46bd-b831-4c72950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "description": "download location", "pattern": "[url:value = 'http://markanltd.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2891-1fac-4afa-8349-4778950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "description": "download location", "pattern": "[url:value = 'http://mudelts.com/54JHbjgcDLG']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2891-9f84-492d-a676-4546950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'markanltd.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57dc2891-7970-4a1f-bef4-43a7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-16T17:14:57.000Z", "modified": "2016-09-16T17:14:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'mudelts.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-16T17:14:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }