{ "type": "bundle", "id": "bundle--5b06e5c0-0038-48bf-ae71-c25d0acd0835", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-25T15:37:22.000Z", "modified": "2018-05-25T15:37:22.000Z", "name": "Synovus Financial", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5b06e5c0-0038-48bf-ae71-c25d0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-25T15:37:22.000Z", "modified": "2018-05-25T15:37:22.000Z", "name": "Hancitor", "published": "2018-05-25T15:38:01Z", "object_refs": [ "indicator--b89884af-2260-4787-bdea-c00cb1b30d0a", "indicator--fddb6853-4ac0-4dc0-8f65-0e3f3eeb5d04", "indicator--2941d464-5521-4f56-9789-65f163182510", "indicator--b7131687-7fd8-4cf0-b815-93196be0a4aa", "indicator--f3d0a00f-c25d-4781-adc8-e7fddc56ddb7", "indicator--a9d6baee-d26c-47f5-8a3a-2315c28fe4b8", "indicator--7e554802-4193-4f66-b99b-a2bf59869cad", "indicator--ff97e354-d209-4610-bd03-04bf8739b00b", "indicator--5f1a90bb-8b1c-4d10-b130-12948da06a4a", "indicator--b6890763-660b-434f-b3b2-52748dd60efd", "indicator--f81d8cb1-7ac8-43f6-8359-a940d702cdff", "indicator--7bd8e71c-b532-4d5b-854a-4c5e2ac5bd4e", "indicator--8432b814-11b5-44f0-95bc-fb1ed5df59d7", "indicator--679997d7-505e-4dbd-a1da-d81c1e923afe", "indicator--8aaf5844-fa29-4e63-a84d-28b09384a14f", "indicator--15d46602-c607-4424-b1c0-135e1a250211", "indicator--0cceee29-571c-4193-b3ec-bc0ee63c3a06", "indicator--484db206-3288-42c6-804c-c6849f84da39", "indicator--bc0aa1ec-5d40-4d00-855e-2eeefa27ea54", "indicator--d169e6c6-a363-4f5b-a5d4-e58cb65ef524", "indicator--be133cb8-8032-4215-beed-dc5a2b28560e", "indicator--5f9d6c63-14b9-4c4d-ac41-24f579645f64", "indicator--3f1d342d-0206-431f-8d09-a5b3ddc9dbf4", "indicator--4882aa6b-30e3-488c-9d62-66be7b842879", "indicator--21adf312-01c9-473e-922a-d3e4454ae3f1", "indicator--a0cea779-f1db-4ec4-9b9c-ed93b2565508", "indicator--d9da86af-ee7e-4ae0-8705-25d2bac3deee", "indicator--55039210-99c1-4154-884f-986314d5e514", "indicator--2e1f0373-97e4-45cf-84c7-f0690a41a2b9", "indicator--2812c15a-26d8-49b0-bdd7-eda97224028c", "indicator--28a5529f-50b0-464f-bc67-4c9200828047", "indicator--ecd43bac-1205-4e18-a9fb-90b4ee06f20b", "indicator--bbbbef7b-0f3f-4845-9e97-ce6f0c70828f", "indicator--7327eee9-8d9c-4260-b743-260e84cf4411", "indicator--21aa3867-cdf9-4212-b702-b19eff7876ea", "indicator--e43f8190-d71c-4157-862b-208d9cddd691", "indicator--838c1fca-df41-4b87-a325-c88e2826e3eb", "indicator--b1c399ab-8597-49b6-8430-816c468e9c63", "indicator--17ad50da-525b-4ea5-aaab-2b66e400d236", "indicator--35eef300-ab3e-4280-a43c-eb3ca852820f", "indicator--05e60f08-cf40-4304-8316-f08a2ef5d455" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "misp-galaxy:tool=\"Hancitor\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b89884af-2260-4787-bdea-c00cb1b30d0a", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:16.000Z", "modified": "2018-05-24T16:18:16.000Z", "pattern": "[url:value = 'http://torsjogeca.com/4/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--fddb6853-4ac0-4dc0-8f65-0e3f3eeb5d04", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:22.000Z", "modified": "2018-05-24T16:18:22.000Z", "pattern": "[url:value = 'http://dotorsfito.ru/4/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2941d464-5521-4f56-9789-65f163182510", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:28.000Z", "modified": "2018-05-24T16:18:28.000Z", "pattern": "[url:value = 'http://hisbutterof.ru/4/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b7131687-7fd8-4cf0-b815-93196be0a4aa", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:35.000Z", "modified": "2018-05-24T16:18:35.000Z", "pattern": "[url:value = 'http://orgasmosfemeninos.net/wp-content/plugins/post-types-order/include/1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f3d0a00f-c25d-4781-adc8-e7fddc56ddb7", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:41.000Z", "modified": "2018-05-24T16:18:41.000Z", "pattern": "[url:value = 'http://happyellaafter.com/wp-content/plugins/regenerate-thumbnails/includes/1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a9d6baee-d26c-47f5-8a3a-2315c28fe4b8", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:48.000Z", "modified": "2018-05-24T16:18:48.000Z", "pattern": "[url:value = 'http://lauragordonblog.com/wp-content/plugins/html404/1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7e554802-4193-4f66-b99b-a2bf59869cad", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:18:54.000Z", "modified": "2018-05-24T16:18:54.000Z", "pattern": "[url:value = 'http://grehu.net/wp-content/plugins/easy-tables-vc/lib/1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ff97e354-d209-4610-bd03-04bf8739b00b", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:01.000Z", "modified": "2018-05-24T16:19:01.000Z", "pattern": "[url:value = 'http://www.panageries.com/includes/1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5f1a90bb-8b1c-4d10-b130-12948da06a4a", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:07.000Z", "modified": "2018-05-24T16:19:07.000Z", "pattern": "[url:value = 'http://orgasmosfemeninos.net/wp-content/plugins/post-types-order/include/2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b6890763-660b-434f-b3b2-52748dd60efd", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:13.000Z", "modified": "2018-05-24T16:19:13.000Z", "pattern": "[url:value = 'http://happyellaafter.com/wp-content/plugins/regenerate-thumbnails/includes/2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f81d8cb1-7ac8-43f6-8359-a940d702cdff", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:19.000Z", "modified": "2018-05-24T16:19:19.000Z", "pattern": "[url:value = 'http://lauragordonblog.com/wp-content/plugins/html404/2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7bd8e71c-b532-4d5b-854a-4c5e2ac5bd4e", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:25.000Z", "modified": "2018-05-24T16:19:25.000Z", "pattern": "[url:value = 'http://grehu.net/wp-content/plugins/easy-tables-vc/lib/2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8432b814-11b5-44f0-95bc-fb1ed5df59d7", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:31.000Z", "modified": "2018-05-24T16:19:31.000Z", "pattern": "[url:value = 'http://www.panageries.com/includes/2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--679997d7-505e-4dbd-a1da-d81c1e923afe", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:38.000Z", "modified": "2018-05-24T16:19:38.000Z", "pattern": "[url:value = 'http://orgasmosfemeninos.net/wp-content/plugins/post-types-order/include/3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8aaf5844-fa29-4e63-a84d-28b09384a14f", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:44.000Z", "modified": "2018-05-24T16:19:44.000Z", "pattern": "[url:value = 'http://happyellaafter.com/wp-content/plugins/regenerate-thumbnails/includes/3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--15d46602-c607-4424-b1c0-135e1a250211", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:50.000Z", "modified": "2018-05-24T16:19:50.000Z", "pattern": "[url:value = 'http://lauragordonblog.com/wp-content/plugins/html404/3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0cceee29-571c-4193-b3ec-bc0ee63c3a06", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:19:56.000Z", "modified": "2018-05-24T16:19:56.000Z", "pattern": "[url:value = 'http://grehu.net/wp-content/plugins/easy-tables-vc/lib/3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:19:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--484db206-3288-42c6-804c-c6849f84da39", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:02.000Z", "modified": "2018-05-24T16:20:02.000Z", "pattern": "[url:value = 'http://www.panageries.com/includes/3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--bc0aa1ec-5d40-4d00-855e-2eeefa27ea54", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:08.000Z", "modified": "2018-05-24T16:20:08.000Z", "pattern": "[url:value = 'http://torsjogeca.com/mlu/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d169e6c6-a363-4f5b-a5d4-e58cb65ef524", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:14.000Z", "modified": "2018-05-24T16:20:14.000Z", "pattern": "[url:value = 'http://dotorsfito.ru/mlu/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--be133cb8-8032-4215-beed-dc5a2b28560e", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:20.000Z", "modified": "2018-05-24T16:20:20.000Z", "pattern": "[url:value = 'http://hisbutterof.ru/mlu/forum.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5f9d6c63-14b9-4c4d-ac41-24f579645f64", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:26.000Z", "modified": "2018-05-24T16:20:26.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/1kewoimzatybewoliowof.dat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3f1d342d-0206-431f-8d09-a5b3ddc9dbf4", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:32.000Z", "modified": "2018-05-24T16:20:32.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinjects.dat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--4882aa6b-30e3-488c-9d62-66be7b842879", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:38.000Z", "modified": "2018-05-24T16:20:38.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/1kewoimzatybewoliowof.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--21adf312-01c9-473e-922a-d3e4454ae3f1", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:44.000Z", "modified": "2018-05-24T16:20:44.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinject32.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--a0cea779-f1db-4ec4-9b9c-ed93b2565508", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:50.000Z", "modified": "2018-05-24T16:20:50.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinject64.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--d9da86af-ee7e-4ae0-8705-25d2bac3deee", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:20:56.000Z", "modified": "2018-05-24T16:20:56.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68vnc32.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:20:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--55039210-99c1-4154-884f-986314d5e514", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:21:02.000Z", "modified": "2018-05-24T16:21:02.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68vnc64.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:21:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2e1f0373-97e4-45cf-84c7-f0690a41a2b9", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:21:08.000Z", "modified": "2018-05-24T16:21:08.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68backsocks.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:21:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--2812c15a-26d8-49b0-bdd7-eda97224028c", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:21:14.000Z", "modified": "2018-05-24T16:21:14.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68grabber.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:21:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--28a5529f-50b0-464f-bc67-4c9200828047", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:21:20.000Z", "modified": "2018-05-24T16:21:20.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68keylogger.bin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:21:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ecd43bac-1205-4e18-a9fb-90b4ee06f20b", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:23:43.000Z", "modified": "2018-05-24T16:23:43.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/1kewoimzatybewoliowof.dat"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:23:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--bbbbef7b-0f3f-4845-9e97-ce6f0c70828f", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:23:49.000Z", "modified": "2018-05-24T16:23:49.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinjects.dat"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:23:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--7327eee9-8d9c-4260-b743-260e84cf4411", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:23:55.000Z", "modified": "2018-05-24T16:23:55.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/1kewoimzatybewoliowof.exe"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:23:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--21aa3867-cdf9-4212-b702-b19eff7876ea", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:02.000Z", "modified": "2018-05-24T16:24:02.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinject32.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e43f8190-d71c-4157-862b-208d9cddd691", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:08.000Z", "modified": "2018-05-24T16:24:08.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68webinject64.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--838c1fca-df41-4b87-a325-c88e2826e3eb", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:14.000Z", "modified": "2018-05-24T16:24:14.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68vnc32.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--b1c399ab-8597-49b6-8430-816c468e9c63", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:20.000Z", "modified": "2018-05-24T16:24:20.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68vnc64.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--17ad50da-525b-4ea5-aaab-2b66e400d236", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:26.000Z", "modified": "2018-05-24T16:24:26.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68backsocks.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--35eef300-ab3e-4280-a43c-eb3ca852820f", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:33.000Z", "modified": "2018-05-24T16:24:33.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68grabber.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--05e60f08-cf40-4304-8316-f08a2ef5d455", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-05-24T16:24:39.000Z", "modified": "2018-05-24T16:24:39.000Z", "pattern": "[url:value = 'https://robwassotdint.ru/68keylogger.bin"']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-05-24T16:24:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] } ] }