{ "type": "bundle", "id": "bundle--5b310846-157c-46d7-8141-89f00acd0835", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2021-05-24T09:49:50.000Z", "modified": "2021-05-24T09:49:50.000Z", "name": "Synovus Financial", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5b310846-157c-46d7-8141-89f00acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2021-05-24T09:49:50.000Z", "modified": "2021-05-24T09:49:50.000Z", "name": "Registrant Tracking for \"earthalgerrity@armyspy.com\"", "published": "2020-05-11T07:59:59Z", "object_refs": [ "indicator--5b3108a2-f534-4632-930a-aca80acd0835", "indicator--5b3108a2-67fc-405b-baa6-aca80acd0835", "indicator--5b3108a2-7efc-4629-bdd2-aca80acd0835", "indicator--5b3108a2-dd0c-4ae2-991a-aca80acd0835", "indicator--5b3108a2-c2b4-4f31-94bd-aca80acd0835", "x-misp-object--5b310905-f854-4665-a18b-ad0a0acd0835" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "ms-caro-malware-full:malware-family=\"Redirector\"", "Bokbot", "misp-galaxy:tool=\"Emotet\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b3108a2-f534-4632-930a-aca80acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:22:10.000Z", "modified": "2018-06-25T15:22:10.000Z", "pattern": "[domain-name:value = 'calorida.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-25T15:22:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b3108a2-67fc-405b-baa6-aca80acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:22:10.000Z", "modified": "2018-06-25T15:22:10.000Z", "pattern": "[domain-name:value = 'fuselect.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-25T15:22:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b3108a2-7efc-4629-bdd2-aca80acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:22:10.000Z", "modified": "2018-06-25T15:22:10.000Z", "pattern": "[domain-name:value = 'maneers.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-25T15:22:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b3108a2-dd0c-4ae2-991a-aca80acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:22:10.000Z", "modified": "2018-06-25T15:22:10.000Z", "pattern": "[domain-name:value = 'stradical.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-25T15:22:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b3108a2-c2b4-4f31-94bd-aca80acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:22:10.000Z", "modified": "2018-06-25T15:22:10.000Z", "pattern": "[domain-name:value = 'veryonid.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-25T15:22:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--5b310905-f854-4665-a18b-ad0a0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-25T15:23:49.000Z", "modified": "2018-06-25T15:23:49.000Z", "labels": [ "misp:name=\"whois\"", "misp:meta-category=\"network\"" ], "x_misp_attributes": [ { "type": "whois-registrant-email", "object_relation": "registrant-email", "value": "earthalgerrity@armyspy.com", "category": "Attribution", "uuid": "5b310905-34a4-4399-96bf-ad0a0acd0835" }, { "type": "whois-registrant-name", "object_relation": "registrant-name", "value": "Eartha L. Gerrity", "category": "Attribution", "uuid": "5b310905-cf48-4511-beee-ad0a0acd0835" }, { "type": "whois-registrant-phone", "object_relation": "registrant-phone", "value": "12143212804", "category": "Attribution", "uuid": "5b310905-e174-419e-88db-ad0a0acd0835" } ], "x_misp_meta_category": "network", "x_misp_name": "whois" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }