{ "type": "bundle", "id": "bundle--5b72bf0a-a300-4b09-9755-a4b00acd0835", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2019-09-23T13:47:04.000Z", "modified": "2019-09-23T13:47:04.000Z", "name": "Synovus Financial", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5b72bf0a-a300-4b09-9755-a4b00acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2019-09-23T13:47:04.000Z", "modified": "2019-09-23T13:47:04.000Z", "name": "[TIA-REPO Consumption] KeyPass ransomware", "published": "2019-10-10T22:38:58Z", "object_refs": [ "indicator--5b72bf0a-98b4-459e-9b64-a4b00acd0835", "indicator--5b72bf0a-dfd0-472f-90dd-a4b00acd0835", "indicator--5b72bf0a-c368-4a8c-9acf-a4b00acd0835", "observed-data--5b72bfa8-958c-44f7-a94d-93c60acd0835", "url--5b72bfa8-958c-44f7-a94d-93c60acd0835", "indicator--5b72c64d-a1e4-4d38-acd0-a4bd0acd0835", "indicator--5b72c64d-56a0-4109-9cd9-a4bd0acd0835", "indicator--5b72c64d-aecc-44ba-b907-a4bd0acd0835", "indicator--5b72c64d-37cc-48d8-b329-a4bd0acd0835", "indicator--5b72c64d-af14-4c7e-8f59-a4bd0acd0835", "indicator--5b72c64d-2d24-4dc4-b14b-a4bd0acd0835", "indicator--5b72c64d-0764-447b-9199-a4bd0acd0835", "indicator--5b72c64d-547c-40f4-8bd6-a4bd0acd0835", "indicator--5b72c64d-2190-444d-8654-a4bd0acd0835", "indicator--5b72c64d-ae38-421a-84d5-a4bd0acd0835", "indicator--5b72c64d-e514-4004-8d37-a4bd0acd0835", "indicator--5b72c64d-8ec8-4034-8d6e-a4bd0acd0835", "indicator--5b72c64d-fb8c-42c8-bed5-a4bd0acd0835", "indicator--5b72c64d-33f0-422d-92b5-a4bd0acd0835", "indicator--5b72c64d-6188-4d4b-9baf-a4bd0acd0835", "indicator--5b72c64d-21dc-41e6-aa44-a4bd0acd0835", "indicator--5b72c64d-0dcc-4b58-9ad4-a4bd0acd0835", "indicator--5b72c64d-46a8-4140-9d22-a4bd0acd0835", "indicator--5b72c64d-97d8-4829-9c2e-a4bd0acd0835", "indicator--5b72c64d-07c0-4e28-b480-a4bd0acd0835", "indicator--5b72c64d-d57c-4653-80dd-a4bd0acd0835", "indicator--5b72c64d-ae64-4c0c-a7fe-a4bd0acd0835", "indicator--5b72c64d-527c-4c41-9e77-a4bd0acd0835", "indicator--5b72c64d-33d0-48e0-ab3f-a4bd0acd0835", "indicator--5b72c64d-30b0-47e3-ad53-a4bd0acd0835", "indicator--5b72c64d-206c-4ecc-b785-a4bd0acd0835", "indicator--5b72c64d-69b8-4eda-91bf-a4bd0acd0835", "indicator--5b72c64d-7fe0-4fe8-a95e-a4bd0acd0835", "indicator--5b72c64d-9454-4497-b870-a4bd0acd0835", "indicator--5b72c64d-8df0-42e6-a5cc-a4bd0acd0835", "indicator--5b72c64d-85d8-4ba5-a1ea-a4bd0acd0835", "indicator--5b72c64d-eb28-4d67-8431-a4bd0acd0835", "indicator--5b72c64d-3300-47a8-a7a1-a4bd0acd0835", "indicator--5b72c64d-a364-490d-bfc8-a4bd0acd0835", "indicator--5b72c64d-11fc-4c26-8046-a4bd0acd0835", "indicator--5b72c64d-70cc-4124-87d9-a4bd0acd0835", "indicator--5b72c64d-d740-4370-b8fd-a4bd0acd0835", "indicator--5b72c64d-c7d0-4bf6-bb75-a4bd0acd0835", "indicator--5b72c64e-5fcc-4104-8df9-a4bd0acd0835", "indicator--5b72c64e-c5d4-4802-bcb1-a4bd0acd0835", "indicator--5b72c64e-bb50-41ec-a8c8-a4bd0acd0835", "indicator--5b72c64e-bbfc-48d0-9578-a4bd0acd0835", "indicator--5b72c64e-f2ec-46d8-bfd0-a4bd0acd0835", "indicator--5b72c64e-a4b0-40c1-9c74-a4bd0acd0835", "indicator--5b72c64e-6ab4-4c9a-96ee-a4bd0acd0835", "indicator--5b72c64e-2854-45c8-9f26-a4bd0acd0835", "indicator--5b72c64e-b35c-4a9c-8005-a4bd0acd0835", "indicator--5b72c64e-1070-4d93-a1d3-a4bd0acd0835", "indicator--5b72c64e-80b8-46f6-a84c-a4bd0acd0835", "indicator--5b72c64e-611c-408f-b684-a4bd0acd0835", "indicator--5b72c64e-aa70-4b8c-8fae-a4bd0acd0835", "indicator--5b72c64e-c198-4c23-bc53-a4bd0acd0835", "indicator--5b72c64e-c13c-4dfd-8922-a4bd0acd0835", "indicator--5b72c64e-7c18-438f-8806-a4bd0acd0835", "indicator--5b72c64e-a820-4e5b-b873-a4bd0acd0835", "indicator--5b72c64e-f818-4544-bb2c-a4bd0acd0835", "indicator--5b72c64e-8798-4a5a-8985-a4bd0acd0835", "indicator--5b72c64e-e880-4df2-a2fa-a4bd0acd0835", "indicator--5b72c64e-0ffc-4f07-bc84-a4bd0acd0835", "indicator--5b72c64e-2f7c-4d22-a086-a4bd0acd0835", "indicator--5b72c64e-2a8c-41b9-b378-a4bd0acd0835", "indicator--5b72c64e-4150-4c54-883e-a4bd0acd0835", "indicator--5b72c64e-8eb0-48d4-a76c-a4bd0acd0835", "indicator--5b72c64e-3cf0-4e8a-bd90-a4bd0acd0835", "indicator--5b72c64e-c910-4850-b7c7-a4bd0acd0835", "indicator--5b72c64e-0e18-410c-b608-a4bd0acd0835", "indicator--5b72c64e-2f54-420a-bd34-a4bd0acd0835", "indicator--5b72c64e-be54-4327-bc13-a4bd0acd0835", "indicator--5b72c64e-72f8-4851-bcd4-a4bd0acd0835", "indicator--5b72c64e-35ec-4b4a-91f1-a4bd0acd0835", "indicator--5b72c64e-6578-4068-b024-a4bd0acd0835", "indicator--5b72c64e-4e90-4dc0-a3ac-a4bd0acd0835", "indicator--5b72c64e-6d98-42ba-b116-a4bd0acd0835", "indicator--5b72c64e-5280-4b90-ba1c-a4bd0acd0835", "indicator--5b72c64e-c4bc-4046-805c-a4bd0acd0835", "indicator--5b72c64e-ef34-4bed-a532-a4bd0acd0835", "indicator--5b72c64e-35fc-41f1-a68c-a4bd0acd0835", "indicator--5b72c64e-fe6c-4914-9556-a4bd0acd0835", "indicator--5b72c64e-4a60-4e49-94df-a4bd0acd0835", "indicator--5b72c64e-a1bc-47ff-a274-a4bd0acd0835", "indicator--5b72c64e-7348-4cd9-8d09-a4bd0acd0835", "indicator--5b72c64e-6c6c-484c-b77b-a4bd0acd0835", "indicator--5b72c64e-aab4-478c-ac03-a4bd0acd0835", "indicator--5b72c64e-7d6c-4a57-9c44-a4bd0acd0835", "indicator--5b72c64e-90ac-4115-8962-a4bd0acd0835", "indicator--5b72c64e-a6b4-4f8d-ae91-a4bd0acd0835", "indicator--5b72c64e-8624-4d79-b426-a4bd0acd0835", "indicator--5b72c64e-d1d0-4c6b-b3cf-a4bd0acd0835", "indicator--5b72c64e-27e4-4955-a051-a4bd0acd0835", "indicator--5b72c64e-d984-44bd-82ef-a4bd0acd0835", "indicator--5b72c64e-5300-4ebf-884a-a4bd0acd0835", "indicator--5b72c64e-4764-4f55-9aa1-a4bd0acd0835", "indicator--5b72c64e-830c-4842-ba5d-a4bd0acd0835", "indicator--5b72c64e-9654-4df0-91eb-a4bd0acd0835" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "malware_classification:malware-category=\"Ransomware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72bf0a-98b4-459e-9b64-a4b00acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:03.000Z", "modified": "2018-08-14T12:11:03.000Z", "pattern": "[domain-name:value = 'cosonar.mcdir.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72bf0a-dfd0-472f-90dd-a4b00acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:03.000Z", "modified": "2018-08-14T12:11:03.000Z", "pattern": "[file:hashes.MD5 = '901d893f665c6f9741aa940e5f275952']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72bf0a-c368-4a8c-9acf-a4b00acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:03.000Z", "modified": "2018-08-14T12:11:03.000Z", "pattern": "[url:value = 'http://cosonar.mcdir.ru/get.php']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5b72bfa8-958c-44f7-a94d-93c60acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "first_observed": "2018-08-14T12:11:13Z", "last_observed": "2018-08-14T12:11:13Z", "number_observed": 1, "object_refs": [ "url--5b72bfa8-958c-44f7-a94d-93c60acd0835" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5b72bfa8-958c-44f7-a94d-93c60acd0835", "value": "https://securelist.com/keypass-ransomware/87412/" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-a1e4-4d38-acd0-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://rihs2.herocraft.com/hs.php?act=hostlist']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-56a0-4109-9cd9-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=265729&funid=4451']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-aecc-44ba-b907-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://mt20.lbs8.com/navidog2Theme/clientSort.htm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-37cc-48d8-b329-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=374566&funid=4451']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-af14-4c7e-8f59-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=270779&funid=4451']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-2d24-4dc4-b14b-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=371132&funid=4451']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-0764-447b-9199-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://ggbook601.3g.cn/book60/auto?pver=5&option=1&bookid=300180&funid=4451']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-547c-40f4-8bd6-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://androidpay-users-pa.googleapis.com/cm/t/security/getnonce']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-2190-444d-8654-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://androidpay-users-pa.googleapis.com/cm/t/security/checkin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-ae38-421a-84d5-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.chinahaobao.com/new/shunyeqiao.php?8srf1/e94km.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-e514-4004-8d37-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'https://www.vamosemagrecer.com.br/como-perder-barriga/exercicios/']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-8ec8-4034-8d6e-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.59pic.com/youwuCol/']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-fb8c-42c8-bed5-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://59pic.com/youwuCol/']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-33f0-422d-92b5-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?6ytp/bas47r.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-6188-4d4b-9baf-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?chzf/t0buxv.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-21dc-41e6-aa44-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.ngs517.com/.settings/meileituo.php?n36t/azkem8.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-0dcc-4b58-9ad4-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://carestar.cc/song.php?8ap9p/gg6mt1.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-46a8-4140-9d22-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://86.gtuu.com/mixinhuai.php?8afc\\\\%2fyxl0ka.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-97d8-4829-9c2e-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php?ygyi/yiaoad.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-07c0-4e28-b480-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/digg/qiaofan.php?15rg/dnvmbw.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-d57c-4653-80dd-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php/']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-ae64-4c0c-a7fe-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.xun-yi.com/jiankangxinli/ganci.php/?ygyi\\\\%2Fyiaoad.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-527c-4c41-9e77-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?oetb14pm/hfsfnqd.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-33d0-48e0-ab3f-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?hz0hzhfa/h2vck1q.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-30b0-47e3-ad53-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://xtw.bhbhxy.com/shuofenzhun.php?rdfkns3y/rws9ygl.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-206c-4ecc-b785-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?mw2e/3clzsi.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-69b8-4eda-91bf-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?hz2r/9stpnz.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-7fe0-4fe8-a95e-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?wiqm/ljipk2.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-9454-4497-b870-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?gmwwbwa0/wgify4e.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-8df0-42e6-a5cc-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?zwcclidd/o1zsc0w.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-85d8-4ba5-a1ea-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?gmux5mih/oflsrjm.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-eb28-4d67-8431-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/digg/kangrongzhong.php?mxxq/x5zhqz.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-3300-47a8-a7a1-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/pay/leqiantun.php?261125/qianya.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-a364-490d-bfc8-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?ohkxgrhp/mr5ughg.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-11fc-4c26-8046-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/kor/wennan.php?ft1zg3mu/7shb1ut.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-70cc-4124-87d9-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/flash/pingpingci.php?7up9/yi9kbl.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-d740-4370-b8fd-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/js/binshajiao.php?touyong41/wengtui.html?93157/index.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64d-c7d0-4bf6-bb75-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?rjucfcno/dfktc8f.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-5fcc-4104-8df9-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?9fccevgz/6fp0cs0.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-c5d4-4802-bcb1-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.damuchang.com/plus/kuxun.php?8zlc/kellsp.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-bb50-41ec-a8c8-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.damuchang.com/plus/kuxun.php?ypxygsks/ojh0og0.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-bbfc-48d0-9578-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/sidizai.php?mmgsy0k8/edgywsm.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-f2ec-46d8-bfd0-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/yuguyong.php?k6l8vhgk/slejqyc.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-a4b0-40c1-9c74-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:17.000Z", "modified": "2018-08-14T12:11:17.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?h0ir5s5i/iw7kdfi.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-6ab4-4c9a-96ee-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?3n4ja9op/pj1ahew.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-2854-45c8-9f26-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/yonglan.php?c9qnv500/hoxfkae.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-b35c-4a9c-8005-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?8elxaume/6t7qol8.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-1070-4d93-a1d3-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/dun.php?g581/0lmnoq.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-80b8-46f6-a84c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/lieyunhui.php?0v1i/4wfjsg.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-611c-408f-b684-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/shanzhan.php?je48neca/yfbawd0.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-aa70-4b8c-8fae-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/yuguyong.php?aizurns8/6cntwvy.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-c198-4c23-bc53-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/shanzhan.php?f7xijdpo/it5adaj.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-c13c-4dfd-8922-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?ai4cy0zf/txfbccn.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-7c18-438f-8806-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?l4dlbjti/5hplmxv.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-a820-4e5b-b873-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/dun.php?xs6d/dmy0xb.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-f818-4544-bb2c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?qcggyonz/exl9nsq.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-8798-4a5a-8985-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?7aonwar8/u0uzm9l.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-e880-4df2-a2fa-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?vn1w/ylgkiu.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-0ffc-4f07-bc84-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?qom3gn65/n9go3cb.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-2f7c-4d22-a086-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/dun.php?ywzs/haj65t.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-2a8c-41b9-b378-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?0ih4/sezvsm.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-4150-4c54-883e-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?d7pg/iftsss.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-8eb0-48d4-a76c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?9jgw/alp3yg.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-3cf0-4e8a-bd90-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?a0db/0adjzh.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-c910-4850-b7c7-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/yj/keqihe.php?niw3/xhjxu5.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-0e18-410c-b608-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?bmmq/x4hkmo.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-2f54-420a-bd34-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?cjey/ppshko.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-be54-4327-bc13-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:13.000Z", "modified": "2018-08-14T12:11:13.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.qcfk120.com/smzx/gu.php?veam/1lgvr4.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-72f8-4851-bcd4-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?sxkotuzn/ebsqxjv.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-35ec-4b4a-91f1-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://xtw.bhbhxy.com/ztbd/shunfan.php?hqyb7e7k/i1vqegx.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-6578-4068-b024-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/qinshifen.php?sxiyvjmw/ryi9to4.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-4e90-4dc0-a3ac-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/special/naisongsu.php?s5wvcdp1/txkn4oq.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-6d98-42ba-b116-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/member/baikongtao.php?tohiauwi/gir56wi.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-5280-4b90-ba1c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?ztu0/ddyhkj.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-c4bc-4046-805c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:16.000Z", "modified": "2018-08-14T12:11:16.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?rksb/naecy2.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-ef34-4bed-a532-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/sidizai.php?fbma/385vub.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-35fc-41f1-a68c-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/qiaofugai.php?bdh3siju/f54z2ij.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-fe6c-4914-9556-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/yuguyong.php?37c2zx4x/vnvovcg.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-4a60-4e49-94df-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/sidizai.php?oh2qzhdc/wjwbklx.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-a1bc-47ff-a274-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?gfyd/uyaumf.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-7348-4cd9-8d09-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/shanzhan.php?csie/8ovbfx.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-6c6c-484c-b77b-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?mwoq/qxqyrl.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-aab4-478c-ac03-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.job088.com/nanglianxin.php?g5ogulyd/lzaxfmk.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-7d6c-4a57-9c44-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:14.000Z", "modified": "2018-08-14T12:11:14.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.cncszs.com/neican/anjiao.php?ysyn/hynh6k.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-90ac-4115-8962-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.nbysxx.com/zhanbuzi.php?ldpj\\\\%2Fojyi70.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-a6b4-4f8d-ae91-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.tbgjdj.com/plus/zhixiong.php?hukf\\\\%2Fq9pgmv.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-8624-4d79-b426-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.nbysxx.com/zhanbuzi.php?e8rqnks5\\\\%2Fnajaqcy.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-d1d0-4c6b-b3cf-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.wzwmw.com/tbzfb/yalianglai.php?pzxh\\\\%2Foowmfb.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-27e4-4955-a051-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.dmgpark.com/kor/wennan.php?zjls\\\\%2Fucvtnc.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-d984-44bd-82ef-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?3vef\\\\%2Fuwmcir.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-5300-4ebf-884a-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?lmsw0nhe\\\\%2Ft7bcglj.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-4764-4f55-9aa1-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.zctaozhi.com/jobfair/juyuao.php?oxvofwop\\\\%2Fq8hyzg5.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-830c-4842-ba5d-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:15.000Z", "modified": "2018-08-14T12:11:15.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.zctaozhi.com/jobfair/juyuao.php?yg4f\\\\%2Fefibbh.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b72c64e-9654-4df0-91eb-a4bd0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-08-14T12:11:18.000Z", "modified": "2018-08-14T12:11:18.000Z", "description": "96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7: Enriched via VT", "pattern": "[url:value = 'http://www.gzqc.com.cn/biyadi/chiqiang.php?y3nd\\\\%2Fgbmjzt.html']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-08-14T12:11:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }