{ "type": "bundle", "id": "bundle--5c7c0198-81b0-41d8-9839-4c4d02de0b81", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:43:54.000Z", "modified": "2019-03-03T16:43:54.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5c7c0198-81b0-41d8-9839-4c4d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:43:54.000Z", "modified": "2019-03-03T16:43:54.000Z", "name": "OSINT - The Supreme Backdoor Factory", "published": "2019-03-03T16:44:09Z", "object_refs": [ "x-misp-attribute--5c7c01aa-a188-45f1-8764-43ed02de0b81", "observed-data--5c7c01b8-76bc-4d2f-89e9-4def02de0b81", "url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81", "indicator--5c7c0221-ad6c-4faa-9f04-44fb02de0b81", "indicator--5c7c0221-b408-498a-b6f5-4a7c02de0b81", "indicator--5c7c0221-369c-414d-9b4d-4e2302de0b81", "indicator--5c7c0221-dac8-49e9-97f7-424802de0b81", "indicator--5c7c0221-9ca4-4f78-b65c-450802de0b81", "indicator--5c7c0221-7780-4372-8ad0-4e9c02de0b81", "indicator--5c7c0221-331c-406b-8682-495502de0b81", "indicator--5c7c0221-f304-4db3-a440-48cd02de0b81", "indicator--5c7c0221-b5a8-4d99-9dc6-46b202de0b81", "indicator--5c7c0221-64c4-4c4a-af4a-4c1d02de0b81", "indicator--5c7c0221-0ecc-48d6-8dc2-458102de0b81", "indicator--5c7c0221-b104-4883-b418-4f7a02de0b81", "indicator--5c7c0221-5594-4a1d-82d1-4a3e02de0b81", "indicator--5c7c0221-1518-473f-bc5e-446d02de0b81", "indicator--5c7c0221-ca10-455e-b36a-409302de0b81", "indicator--5c7c0221-8034-4137-a4ec-42ac02de0b81", "indicator--5c7c0221-29d8-4bfb-9c0f-48f702de0b81", "indicator--5c7c0221-c0bc-4b8f-80eb-4e0b02de0b81", "indicator--5c7c0221-5fd4-41ed-818c-4e4d02de0b81", "indicator--5c7c0221-fc30-4bee-ac7b-4f7802de0b81", "indicator--5c7c0221-aa20-4e25-8353-4feb02de0b81", "indicator--5c7c0221-4fdc-4eb8-a833-41ee02de0b81", "indicator--5c7c0221-f6c4-4d71-bd00-4baf02de0b81", "indicator--5c7c0221-976c-4594-8f75-4abe02de0b81", "indicator--5c7c0221-3d28-4347-8099-423d02de0b81", "indicator--5c7c0221-d920-412f-8566-4bf002de0b81", "indicator--5c7c0221-7b58-4f3e-a4a3-499b02de0b81", "indicator--5c7c0221-2880-4b7e-ae9f-41d302de0b81", "indicator--5c7c0221-cf68-4dcf-b6fb-435502de0b81", "indicator--5c7c0221-82d0-438a-98c3-43a202de0b81", "indicator--5c7c0221-2bac-4fd0-bd42-4a9402de0b81", "indicator--5c7c0221-e108-4b86-934d-48a002de0b81", "indicator--5c7c0221-b928-4b36-9748-4c1002de0b81", "indicator--5c7c0221-9210-470c-b1b4-437c02de0b81", "indicator--5c7c0221-5324-4576-893a-4c8802de0b81", "indicator--5c7c0221-4958-4ecd-8dc7-473602de0b81", "indicator--5c7c0221-54a4-4716-8c17-49e902de0b81", "indicator--5c7c0221-4c68-49c1-868e-4cfe02de0b81", "indicator--5c7c0221-33c4-4a37-a93c-412f02de0b81", "indicator--5c7c0221-0928-4d71-ad77-48da02de0b81", "indicator--5c7c0221-f2dc-4157-bbe3-460902de0b81", "indicator--5c7c0221-cdb8-48ce-90a4-4f9402de0b81", "indicator--5c7c0221-9958-4b51-8dee-4cfc02de0b81", "indicator--5c7c0221-68e0-4f18-9500-4f1e02de0b81", "indicator--5c7c0221-3a5c-41be-b676-408302de0b81", "indicator--5c7c0221-0534-4e57-9133-4bab02de0b81", "indicator--5c7c0221-c454-46b3-a8bd-4e3e02de0b81", "indicator--5c7c0221-636c-4469-baa0-4ec902de0b81", "indicator--5c7c0221-0fcc-4894-9740-4c0902de0b81", "indicator--5c7c0221-af48-4800-b436-4e9e02de0b81", "indicator--5c7c0221-4564-4e1c-a712-488002de0b81", "indicator--5c7c0221-e9f4-42ca-b98e-45ab02de0b81", "indicator--5c7c0221-813c-49dc-a9c9-486502de0b81", "indicator--5c7c0221-08e4-40a4-9954-462d02de0b81", "indicator--5c7c0221-84d4-44fd-be42-4c9402de0b81", "indicator--5c7c0221-fd40-4531-b691-422a02de0b81", "indicator--5c7c0221-7de0-4909-b91b-413d02de0b81", "indicator--5c7c0221-0b00-4ad3-8e67-4d8c02de0b81", "indicator--5c7c0221-9500-49a6-bf0c-43b402de0b81", "indicator--5c7c0221-2158-47d1-abe5-4ba902de0b81", "indicator--5c7c0221-b0d0-45fc-af6f-4a7f02de0b81", "indicator--5c7c0221-3eb8-4ede-8fab-46f002de0b81", "indicator--5c7c0221-d3a8-4ec0-9069-4f5602de0b81", "indicator--5c7c0221-7ce8-4ae1-b7bf-4d5502de0b81", "indicator--5c7c0221-2f88-46ba-844b-4c6502de0b81", "indicator--5c7c0221-eea8-4f82-b213-41ff02de0b81", "indicator--5c7c0221-99dc-4682-bf80-430f02de0b81", "indicator--5c7c0221-4128-4894-a1b1-4c8902de0b81", "indicator--5c7c0221-eb30-42e8-b5ef-4da102de0b81", "indicator--5c7c0221-8bd8-4c38-9fd7-438302de0b81", "indicator--5c7c0221-3a2c-4d19-b12a-443802de0b81", "indicator--5c7c0221-e5c4-46be-b216-423f02de0b81", "indicator--5c7c0221-9b20-4464-88d5-43e502de0b81", "indicator--5c7c0221-51a8-48dd-bdcb-40b902de0b81", "indicator--5c7c0221-063c-43ad-b910-4d6402de0b81", "indicator--5c7c0221-aacc-4bb3-af32-493e02de0b81", "indicator--5c7c0221-5a4c-49f8-a29c-4b5d02de0b81", "indicator--5c7c0221-09cc-44a5-90a8-441202de0b81", "indicator--5c7c0221-ac04-4112-bc66-42a802de0b81", "indicator--5c7c0221-5224-4c17-ab7a-418302de0b81", "indicator--5c7c0221-f650-4594-b95b-402b02de0b81", "indicator--5c7c0221-b2b4-456a-b640-4f4902de0b81", "indicator--5c7c0221-5104-4dc6-9130-411102de0b81", "indicator--5c7c0221-03a4-4ec6-8adb-43b002de0b81", "indicator--5c7c0221-c198-4172-8ce9-4d6b02de0b81", "indicator--5c7c0221-baec-47a1-b4d2-44c302de0b81", "indicator--5c7c0221-b9b8-4295-955a-439f02de0b81", "indicator--5c7c0221-b49c-4583-a094-42df02de0b81", "indicator--5c7c0221-9748-4c72-9213-44f802de0b81", "indicator--5c7c0249-13c0-4e96-9e84-47a202de0b81", "indicator--5c7c0249-6818-47b1-8dfa-4b7402de0b81", "indicator--5c7c0249-9308-4fc2-af8f-448902de0b81", "indicator--5c7c0249-974c-4f32-bca6-4fde02de0b81", "indicator--5c7c0249-ab30-4bc1-b098-48c002de0b81", "indicator--5c7c0249-cacc-460d-83aa-4e9502de0b81", "indicator--5c7c0249-f620-4700-8070-48c402de0b81", "indicator--5c7c0249-43d4-4b30-96e1-42f502de0b81", "indicator--5c7c0249-9890-442f-a2c8-4a7702de0b81", "indicator--5c7c0249-c0c4-494c-abdd-44c702de0b81", "indicator--5c7c0249-0900-4bb0-894d-4a1502de0b81", "indicator--5c7c0249-3fa8-47aa-9b11-4c8602de0b81", "indicator--5c7c0249-8eec-4986-afc5-458002de0b81", "indicator--5c7c0249-bef0-4611-971d-49da02de0b81", "indicator--5c7c0249-10f0-4524-8bfb-42da02de0b81", "indicator--5c7c0249-62f0-4798-a3e2-4e1c02de0b81", "indicator--5c7c0249-792c-4fde-9a32-490d02de0b81", "indicator--5c7c0249-9f08-410d-b9c0-407b02de0b81", "indicator--5c7c0249-c2f0-42df-b6ad-429502de0b81", "indicator--5c7c0249-f164-4356-9dc5-40ca02de0b81", "indicator--5c7c0249-0098-4b7c-b379-4ee302de0b81", "indicator--5c7c0249-160c-4846-a2c8-444102de0b81", "indicator--5c7c0249-22e8-4b30-b5e5-4cbd02de0b81", "indicator--5c7c0249-3d0c-4e20-898e-4f7102de0b81", "indicator--5c7c0249-79f4-45db-872f-4a7a02de0b81", "indicator--5c7c0249-b3bc-4e05-a247-491302de0b81", "indicator--5c7c0249-cd18-4c90-816c-4b9002de0b81", "indicator--5c7c0249-d79c-4bea-bc37-4a2102de0b81", "indicator--5c7c0249-d53c-43eb-b947-42c202de0b81", "indicator--5c7c0249-e27c-4385-b258-4e8e02de0b81", "indicator--5c7c0249-f4d0-4068-8cd1-49a002de0b81", "indicator--5c7c0249-36cc-43aa-8d2d-47e202de0b81", "indicator--5c7c0249-1720-420c-87d1-4eac02de0b81", "indicator--5c7c0249-eedc-4646-a871-4b8702de0b81", "indicator--5c7c0249-d05c-4e83-b419-4bc402de0b81", "indicator--5c7c0249-d310-42a3-9040-44e702de0b81", "indicator--5c7c0249-beb8-41a2-98cf-4c2302de0b81", "indicator--5c7c0249-b67c-4dac-9b65-4d5c02de0b81", "indicator--5c7c0249-b868-4529-89a8-425f02de0b81", "indicator--5c7c0249-be3c-41f6-8add-44dc02de0b81", "indicator--5c7c024a-f9b8-4717-9a28-438602de0b81", "indicator--5c7c024a-0c70-426b-a1f2-492002de0b81", "indicator--5c7c024a-23d8-4999-8c74-44cd02de0b81", "indicator--5c7c024a-48ec-4243-952a-499b02de0b81", "indicator--5c7c024a-5d98-4501-8d96-433f02de0b81", "indicator--5c7c024a-80b8-4f00-82d0-475b02de0b81", "indicator--5c7c024a-2074-4671-ae37-466902de0b81", "indicator--5c7c024a-d1c4-4155-9998-499202de0b81", "indicator--5c7c024a-a4ac-4db8-936d-4bff02de0b81", "indicator--5c7c024a-7668-42f4-91f6-41a702de0b81", "indicator--5c7c024a-9988-4367-8082-41ac02de0b81", "indicator--5c7c024a-8b70-4356-942a-413602de0b81", "indicator--5c7c024a-907c-4aac-a483-4fb302de0b81", "indicator--5c7c024a-ae88-484d-9561-498402de0b81", "indicator--5c7c024a-f854-49f4-9d99-48c802de0b81", "indicator--5c7c024a-2790-4287-bb8b-4d2802de0b81", "indicator--5c7c024a-602c-4683-bc6f-4a8702de0b81", "indicator--5c7c024a-a930-4e25-be10-489b02de0b81", "indicator--5c7c024a-e294-42bc-b687-411602de0b81", "indicator--5c7c024a-ed7c-469a-900b-46d702de0b81", "indicator--5c7c024a-01c4-4c74-a09a-414502de0b81", "indicator--5c7c024a-192c-4d60-8137-4f8702de0b81", "indicator--5c7c024a-2ea0-4dc3-b311-411902de0b81", "indicator--5c7c024a-3e38-44fd-9919-473002de0b81", "indicator--5c7c024a-5d70-4cbe-bd5a-489702de0b81", "indicator--5c7c024a-640c-484a-a110-492902de0b81", "indicator--5c7c024a-7f5c-4d0e-8450-47cd02de0b81", "indicator--5c7c024a-707c-4258-9e18-49b502de0b81", "indicator--5c7c024a-c600-4022-8d16-481302de0b81", "indicator--5c7c024a-fab4-4cc2-96ef-4d6602de0b81", "indicator--5c7c024a-0efc-47f4-9e5c-430102de0b81", "indicator--5c7c024a-0d64-410f-a383-482a02de0b81", "indicator--5c7c024a-cfa4-4079-ad2f-4f6302de0b81", "indicator--5c7c02dc-f800-458c-b6cd-4c5002de0b81", "indicator--5c7c02dc-d068-41a8-8394-447302de0b81", "indicator--5c7c02dc-00a8-4bf9-9605-445802de0b81", "indicator--5c7c02dc-0c94-4639-bd5d-4d1102de0b81", "indicator--5c7c02dc-cca8-4b3c-aa8c-4c5702de0b81", "indicator--5c7c02dc-4c64-4faf-8bb9-4bbf02de0b81", "indicator--5c7c02dc-e5b8-4cb7-826e-45f402de0b81", "indicator--5c7c02dc-a064-45a8-b596-40e802de0b81", "indicator--5c7c02dc-0390-4f12-bd14-472802de0b81", "indicator--5c7c02dc-90c8-4b11-ac9c-452a02de0b81", "indicator--5c7c02dc-5e4c-46b3-a23d-459202de0b81", "indicator--5c7c02dc-3644-4d56-a037-4caf02de0b81", "indicator--5c7c02dc-f21c-4d42-8d57-46cb02de0b81", "indicator--5c7c02dc-2a90-45b2-8eab-439802de0b81", "indicator--5c7c02dc-9054-44a2-9762-46aa02de0b81", "indicator--5c7c02dc-466c-406b-a889-4d1002de0b81", "indicator--5c7c0329-1fa0-4c09-8509-44d402de0b81", "indicator--5c7c0329-9cfc-4b05-957a-42fc02de0b81", "indicator--5c7c0329-089c-4f9f-9419-4e3902de0b81", "indicator--5c7c0329-9428-4c9d-9eed-422f02de0b81", "indicator--5c7c0329-0a70-4b5f-814a-40d602de0b81", "indicator--5c7c0329-c174-4914-b716-47e202de0b81", "indicator--5c7c0329-9e80-4abd-886e-48c702de0b81", "indicator--5c7c0329-ea18-4697-97a6-408f02de0b81", "indicator--5c7c0329-d7f0-458a-aa3a-4d6502de0b81", "indicator--5c7c0329-4fb0-436e-b5d0-454702de0b81", "indicator--5c7c0329-5a84-4289-9e39-4f8f02de0b81", "indicator--5c7c0329-0e28-4ded-97ca-4bfd02de0b81", "indicator--5c7c0329-ee30-40fe-8876-4e8202de0b81", "indicator--5c7c0329-b764-4509-a423-483402de0b81", "indicator--5c7c0329-3c0c-41c9-ba81-425602de0b81", "indicator--5c7c0329-b1cc-480a-96a0-47d302de0b81", "observed-data--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "observed-data--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "indicator--5c7c0410-8f20-4cbd-bbc4-4b3e02de0b81", "indicator--5c7c0410-b880-44e3-b03e-422102de0b81", "indicator--5c7c0410-9230-4359-8594-436902de0b81", "indicator--5c7c0410-67f8-423d-baf4-421f02de0b81", "indicator--5c7c0410-3140-48a5-9438-42e102de0b81", "indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e", "x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af", "indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416", "x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8", "indicator--ad497e60-8895-4967-ae45-2a64ccac91d3", "x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b", "indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a", "x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a", "indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a", "x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1", "indicator--ce897d99-d116-43d0-959b-fbe57566ea72", "x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe", "indicator--61b1cb3e-62ee-4b70-a561-646f511bb520", "x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992", "indicator--8268456e-e83d-4737-a7a8-06ea323d880c", "x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2", "indicator--3b469718-143a-4a84-b8ae-ec7aff951925", "x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc", "indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158", "x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8", "indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd", "x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a", "relationship--dda6152c-eb02-48dc-8776-d0a5f07d2a79", "relationship--184a7e4b-28ef-426a-9f72-f58fb9dd6ded", "relationship--d45ad5e0-0fa6-47a5-9f21-d0e867a17bba", "relationship--d282e291-9168-4e59-951c-4aec5583d208", "relationship--8e4b7ff3-8480-42e5-b847-268db1aa8c3a", "relationship--5e6771af-955c-4ffc-a61b-8e19ec012b59", "relationship--ef80e3b5-b5d2-4162-93c4-fee8dc0fb4a2", "relationship--d5723758-4b82-4566-82e4-49fcf1352987", "relationship--8536e3e3-d273-446b-8604-80816b6e96a5", "relationship--ffcba393-855a-41f6-b666-4ee8f36ccaa6", "relationship--27d12b66-0cca-4cc0-9a53-e7e65eadb9d2" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "osint:lifetime=\"perpetual\"", "osint:certainty=\"50\"", "ecsirt:intrusions=\"backdoor\"", "misp-galaxy:mitre-attack-pattern=\"Supply Chain Compromise - T1195\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5c7c01aa-a188-45f1-8764-43ed02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:32:42.000Z", "modified": "2019-03-03T16:32:42.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "Recently I was playing with VirusTotal Intelligence and while testing some dynamic behavior queries I stumbled upon this strange PE binary (MD5: 7fce12d2cc785f7066f86314836c95ec). The file claimed to be an installer for the JXplorer 3.3.1.2, a Java-based \u00e2\u20ac\u0153cross platform LDAP browser and editor\u00e2\u20ac\u009d as indicated on its official web page. Why was it strange? Mostly because I did not expect an installer for a quite popular LDAP browser to create a scheduled task in order to download and execute PowerShell code from a subdomain hosted by free dynamic DNS provide" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5c7c01b8-76bc-4d2f-89e9-4def02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:32:56.000Z", "modified": "2019-03-03T16:32:56.000Z", "first_observed": "2019-03-03T16:32:56Z", "last_observed": "2019-03-03T16:32:56Z", "number_observed": 1, "object_refs": [ "url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81", "value": "https://dfir.it/blog/2019/02/26/the-supreme-backdoor-factory/" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-ad6c-4faa-9f04-44fb02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'beataschumska']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b408-498a-b6f5-4a7c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'henrichjahoda']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-369c-414d-9b4d-4e2302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adorehollenberger']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-dac8-49e9-97f7-424802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'marceltutailo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9ca4-4f78-b65c-450802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'peggyverduin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-7780-4372-8ad0-4e9c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'burhanick']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-331c-406b-8682-495502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alicialohitka']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-f304-4db3-a440-48cd02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'carolewilmot']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b5a8-4d99-9dc6-46b202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'darinkaleo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-64c4-4c4a-af4a-4c1d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ladislavask']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-0ecc-48d6-8dc2-458102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'malinov97']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b104-4883-b418-4f7a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'liannepitter']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5594-4a1d-82d1-4a3e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'vaclaw281']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-1518-473f-bc5e-446d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'serkovs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-ca10-455e-b36a-409302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'viviyanzuraski']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-8034-4137-a4ec-42ac02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'kathlinrichardi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-29d8-4bfb-9c0f-48f702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'harliearrighi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-c0bc-4b8f-80eb-4e0b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'georgenadowers']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5fd4-41ed-818c-4e4d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'bucka23']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-fc30-4bee-ac7b-4f7802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adamkulecky']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-aa20-4e25-8353-4feb02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'dretressel']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-4fdc-4eb8-a833-41ee02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'martieklarmann']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-f6c4-4d71-bd00-4baf02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'simonmirolok']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-976c-4594-8f75-4abe02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'vladekmikor']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-3d28-4347-8099-423d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jelamarucka']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-d920-412f-8566-4bf002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'catheewardenburg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-7b58-4f3e-a4a3-499b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'booohumir']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-2880-4b7e-ae9f-41d302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ballory']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-cf68-4dcf-b6fb-435502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alicaangelaaa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-82d0-438a-98c3-43a202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'wynnwhooley']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-2bac-4fd0-bd42-4a9402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'darylprivitt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-e108-4b86-934d-48a002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mansiiqkal']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b928-4b36-9748-4c1002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'philippinefalotico']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9210-470c-b1b4-437c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'colettabauguss']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5324-4576-893a-4c8802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mstarenna']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-4958-4ecd-8dc7-473602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sibyllabalkam']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-54a4-4716-8c17-49e902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'stangard09']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-4c68-49c1-868e-4cfe02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'apalicka']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-33c4-4a37-a93c-412f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'johnaallanson']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-0928-4d71-ad77-48da02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gczunka']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-f2dc-4157-bbe3-460902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gabrieolo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-cdb8-48ce-90a4-4f9402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mabostracky']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9958-4b51-8dee-4cfc02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alexiejmarckut']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-68e0-4f18-9500-4f1e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'eugeniamcqueary']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-3a5c-41be-b676-408302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lorielagala']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-0534-4e57-9133-4bab02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'syedlopez']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-c454-46b3-a8bd-4e3e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jamiekaylor']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-636c-4469-baa0-4ec902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'myriamdavine']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-0fcc-4894-9740-4c0902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ariellaglading']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-af48-4800-b436-4e9e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'zdenkohenkotss']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-4564-4e1c-a712-488002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'peska817']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-e9f4-42ca-b98e-45ab02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'nickideanna']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-813c-49dc-a9c9-486502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'milosbukietov']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-08e4-40a4-9954-462d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'nikkihorvatin']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-84d4-44fd-be42-4c9402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'navsty091']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-fd40-4531-b691-422a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adamrybak9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-7de0-4909-b91b-413d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'zuzkaya34']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-0b00-4ad3-8e67-4d8c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'chandramorando']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9500-49a6-bf0c-43b402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'barbeebernbaum']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-2158-47d1-abe5-4ba902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sonajukubska']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b0d0-45fc-af6f-4a7f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lenabrekken']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-3eb8-4ede-8fab-46f002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'binnykimmerling']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-d3a8-4ec0-9069-4f5602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ailynmittleman']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-7ce8-4ae1-b7bf-4d5502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sharityfedorova']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-2f88-46ba-844b-4c6502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'marjorystubstad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-eea8-4f82-b213-41ff02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'karibanker']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-99dc-4682-bf80-430f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'glorybatelli']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-4128-4894-a1b1-4c8902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jeanelletobler']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-eb30-42e8-b5ef-4da102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'stacischierbeek']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-8bd8-4c38-9fd7-438302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danaochdana']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-3a2c-4d19-b12a-443802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jurajkabackov']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-e5c4-46be-b216-423f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'luboslucia']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9b20-4464-88d5-43e502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adalineciochon']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-51a8-48dd-bdcb-40b902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'markodelka']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-063c-43ad-b910-4d6402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ivetakovac']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-aacc-4bb3-af32-493e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'emilemilan290']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5a4c-49f8-a29c-4b5d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'rochettecoahran']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-09cc-44a5-90a8-441202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danielstrnad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-ac04-4112-bc66-42a802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'aurelrybar']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5224-4c17-ab7a-418302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ivonka271']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-f650-4594-b95b-402b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'violetstanziola']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b2b4-456a-b640-4f4902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lonniewarmerdam']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-5104-4dc6-9130-411102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gregzima']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-03a4-4ec6-8adb-43b002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adrianzigich']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-c198-4172-8ce9-4d6b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'romolaoesterreicher']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-baec-47a1-b4d2-44c302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danitagotwald']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b9b8-4295-955a-439f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'brandaisdimilia']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-b49c-4583-a094-42df02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adunkins']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0221-9748-4c72-9213-44f802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:34:41.000Z", "modified": "2019-03-03T16:34:41.000Z", "description": "Malicious github account", "pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'snacknroll11']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:34:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Social network" } ], "labels": [ "misp:type=\"github-username\"", "misp:category=\"Social network\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-13c0-4e96-9e84-47a202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/beataschumska/json-lib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-6818-47b1-8dfa-4b7402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/gregzima/robocode']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-9308-4fc2-af8f-448902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/bucka23/jpwsafe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-974c-4f32-bca6-4fde02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/burhanick/minecraft']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-ab30-4bc1-b098-48c002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/ivonka271/newgenlib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-cacc-460d-83aa-4e9502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/markodelka/upnp-portmapper']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-f620-4700-8070-48c402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/milosbukietov/tuatra']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-43d4-4b30-96e1-42f502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/mabostracky/tn5250j']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-9890-442f-a2c8-4a7702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/gczunka/ta-lib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-c0c4-494c-abdd-44c702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/ladislavask/super-mario-bros-java']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-0900-4bb0-894d-4a1502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/vladekmikor/soniccandle']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-3fa8-47aa-9b11-4c8602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/marceltutailo/snpeff']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-8eec-4986-afc5-458002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/syedlopez/proguard']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-bef0-4611-971d-49da02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/simonmirolok/plantuml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-10f0-4524-8bfb-42da02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/jelamarucka/pdfjumbler']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-62f0-4798-a3e2-4e1c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/navsty091/opencsv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-792c-4fde-9a32-490d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/darinkaleo/neuroph']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-9f08-410d-b9c0-407b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/peska817/mondrian']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-c2f0-42df-b6ad-429502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/serkovs/jxplorer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-f164-4356-9dc5-40ca02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/vaclaw281/junit']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-0098-4b7c-b379-4ee302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/jurajkabackov/jtreeview']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-160c-4846-a2c8-444102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/stangard09/jt400']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-22e8-4b30-b5e5-4cbd02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/emilemilan290/jnative']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-3d0c-4e20-898e-4f7102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/sonajukubska/jmxterm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-79f4-45db-872f-4a7a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/ivetakovac/jmusic']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-b3bc-4e05-a247-491302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adamkulecky/jmt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-cd18-4c90-816c-4b9002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/alicialohitka/jdatepicker']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-d79c-4bea-bc37-4a2102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/danielstrnad/jalmus']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-d53c-43eb-b947-42c202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/zuzkaya34/jackcess']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-e27c-4385-b258-4e8e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/mstarenna/hermesjms']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-f4d0-4068-8cd1-49a002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/booohumir/geotools']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-36cc-43aa-8d2d-47e202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/alicaangelaaa/gcviewer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-1720-420c-87d1-4eac02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/zdenkohenkotss/ermaster']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-eedc-4646-a871-4b8702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/aurelrybar/editbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-d05c-4e83-b419-4bc402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/mansiiqkal/easymodbustcp-udp-java']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-d310-42a3-9040-44e702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/malinov97/csvjdbc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-beb8-41a2-98cf-4c2302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/danaochdana/checkstyle']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-b67c-4dac-9b65-4d5c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/luboslucia/cglib']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-b868-4529-89a8-425f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/alexiejmarckut/blazegraph']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0249-be3c-41f6-8add-44dc02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/henrichjahoda/ardublock']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-f9b8-4717-9a28-438602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:21.000Z", "modified": "2019-03-03T16:35:21.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adamrybak9/aopalliance']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-0c70-426b-a1f2-492002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adorehollenberger/rlgamekit']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-23d8-4999-8c74-44cd02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/liannepitter/java-chess-2d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-48ec-4243-952a-499b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/dretressel/teachingbox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-5d98-4501-8d96-433f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/barbeebernbaum/sudokuki']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-80b8-4f00-82d0-475b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/johnaallanson/strong-java-chess']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-2074-4671-ae37-466902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/eugeniamcqueary/spaceaction3000']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-d1c4-4155-9998-499202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/lonniewarmerdam/scopadiluigiusai']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-a4ac-4db8-936d-4bff02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/sibyllabalkam/quorum']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-7668-42f4-91f6-41a702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/sharityfedorova/pedroso-game-work']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-9988-4367-8082-41ac02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/ailynmittleman/openpatrician']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-8b70-4356-942a-413602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/darylprivitt/jskat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-907c-4aac-a483-4fb302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/lenabrekken/jsettlers2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-ae88-484d-9561-498402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/harliearrighi/jmatrixgame']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-f854-49f4-9d99-48c802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/glorybatelli/java-marvel-character-creator']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-2790-4287-bb8b-4d2802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/jeanelletobler/gumbo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-602c-4683-bc6f-4a8702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/rochettecoahran/game-of-life-bison']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-a930-4e25-be10-489b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/karibanker/eug']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-e294-42bc-b687-411602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/brandaisdimilia/space-faring']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-ed7c-469a-900b-46d702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/gabrieolo/bounceball']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-01c4-4c74-a09a-414502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/ballory/ffmpeg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-192c-4d60-8137-4f8702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/apalicka/javachess']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-2ea0-4dc3-b311-411902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/philippinefalotico/cardriving']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-3e38-44fd-9919-473002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/snacknroll11/streettalk_priv_bot']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-5d70-4cbe-bd5a-489702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-armv8l-linux-gnu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-640c-484a-a110-492902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-arm-linux-gnu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-7f5c-4d0e-8450-47cd02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-aarch64-linux-gnu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-707c-4258-9e18-49b502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/mingw64_o3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-c600-4022-8d16-481302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/mingw32_o3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-fab4-4cc2-96ef-4d6602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/openwrt_toolchain']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-0efc-47f4-9e5c-430102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/sagemfast-crosscompiler']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-0d64-410f-a383-482a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/ios_toolchain']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c024a-cfa4-4079-ad2f-4f6302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:35:22.000Z", "modified": "2019-03-03T16:35:22.000Z", "description": "Malicious github repository", "pattern": "[url:value = 'https://github.com/adunkins/toolchain-ppc-tuxbox-old_s']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:35:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-f800-458c-b6cd-4c5002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '7fce12d2cc785f7066f86314836c95ec']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-d068-41a8-8394-447302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '6ee28018e7d31aef0b4fd6940dff1d0a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-00a8-4bf9-9605-445802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[url:value = 'https://github.com/snacknroll11/streettalk_priv_bot']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-0c94-4639-bd5d-4d1102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '9d4aeb737179995a397d675f41e5f97f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-cca8-4b3c-aa8c-4c5702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '533ac97f44b4aea1a35481d963cc9106']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-4c64-4faf-8bb9-4bbf02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = 'd7c4a1d4f75045a2a1e324ae5114ea17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-e5b8-4cb7-826e-45f402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '65579b8ed47ca163fae2b3dffd8b4d5a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-a064-45a8-b596-40e802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[url:value = 'http://ecc.freeddns.org/data.txt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-0390-4f12-bd14-472802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = 'c78ccfc45bfba703cce0fc0c75c0f6af']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-90c8-4b11-ac9c-452a02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[url:value = 'https://github.com/ballory/ffmpeg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-5e4c-46b3-a23d-459202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '0489493aeb26b6772bf3653aedf75d2a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-3644-4d56-a037-4caf02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[url:value = 'https://github.com/serkovs/jxplorer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-f21c-4d42-8d57-46cb02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '4d18388a9b351907be4a9f91785c9997']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-2a90-45b2-8eab-439802de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[url:value = 'https://github.com/mansiiqkal/easymodbustcp-udp-java']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-9054-44a2-9762-46aa02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = '815db0de2c6a610797c6735511eaaaf9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c02dc-466c-406b-a889-4d1002de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:37:48.000Z", "modified": "2019-03-03T16:37:48.000Z", "pattern": "[file:hashes.MD5 = 'dd3a38ee6b5b6340acd3bb8099f928a8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:37:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-1fa0-4c09-8509-44d402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://svf.duckdns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-9cfc-4b05-957a-42fc02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://coppingfun.ml/blazebot']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-089c-4f9f-9419-4e3902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://allesare.sourceforge.net/en-us/bver']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-9428-4c9d-9eed-422f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://allesare.sourceforge.net/en-us/m']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-0a70-4b5f-814a-40d602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://san.strangled.net/stat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-c174-4914-b716-47e202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://jessicacheshire.users.sourceforge.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-9e80-4abd-886e-48c702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[domain-name:value = 'limons.duckdns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-ea18-4697-97a6-408f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[domain-name:value = 'polarbear.freeddns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-d7f0-458a-aa3a-4d6502de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://ecc.freeddns.org/a2s.txt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-4fb0-436e-b5d0-454702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://utelemetrics.atwebpages.com/update.php?tag=']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-5a84-4289-9e39-4f8f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://yzyaio.onlinewebshop.net/act/stat.php?info=SLADE']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-0e28-4ded-97ca-4bfd02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://eln.duckdns.org/se']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-ee30-40fe-8876-4e8202de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://enl.duckdns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-b764-4509-a423-483402de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[domain-name:value = 'sanemarine.duckdns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-3c0c-41c9-ba81-425602de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[domain-name:value = 'lemonade.freeddns.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0329-b1cc-480a-96a0-47d302de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:05.000Z", "modified": "2019-03-03T16:39:05.000Z", "pattern": "[url:value = 'http://allesare.sourceforge.net/test/msg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:39:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:22.000Z", "modified": "2019-03-03T16:39:22.000Z", "first_observed": "2019-03-03T16:39:22Z", "last_observed": "2019-03-03T16:39:22Z", "number_observed": 1, "object_refs": [ "network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9" ], "labels": [ "misp:type=\"ip-src\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "src_ref": "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9", "value": "83.31.61.38" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:39:23.000Z", "modified": "2019-03-03T16:39:23.000Z", "first_observed": "2019-03-03T16:39:23Z", "last_observed": "2019-03-03T16:39:23Z", "number_observed": 1, "object_refs": [ "network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9" ], "labels": [ "misp:type=\"ip-src\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "src_ref": "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9", "value": "83.7.177.233" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0410-8f20-4cbd-bbc4-4b3e02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:42:56.000Z", "modified": "2019-03-03T16:42:56.000Z", "pattern": "[file:name = '$HOME/.local/share/bbauto']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:42:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Artifacts dropped" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Artifacts dropped\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0410-b880-44e3-b03e-422102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:42:56.000Z", "modified": "2019-03-03T16:42:56.000Z", "pattern": "[file:name = '$HOME/.config/autostart/none.desktop']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:42:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Artifacts dropped" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Artifacts dropped\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0410-9230-4359-8594-436902de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:42:56.000Z", "modified": "2019-03-03T16:42:56.000Z", "pattern": "[file:name = '$HOME/Library/LaunchAgents/AutoUpdater.dat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:42:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Artifacts dropped" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Artifacts dropped\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0410-67f8-423d-baf4-421f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:42:56.000Z", "modified": "2019-03-03T16:42:56.000Z", "pattern": "[file:name = '$HOME/Library/LaunchAgents/AutoUpdater.plist']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:42:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Artifacts dropped" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Artifacts dropped\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5c7c0410-3140-48a5-9438-42e102de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:42:56.000Z", "modified": "2019-03-03T16:42:56.000Z", "pattern": "[file:name = '$HOME/Library/LaunchAgents/SoftwareSync.plist']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:42:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Artifacts dropped" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Artifacts dropped\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:29.000Z", "modified": "2019-03-03T16:41:29.000Z", "pattern": "[file:hashes.MD5 = '65579b8ed47ca163fae2b3dffd8b4d5a' AND file:hashes.SHA1 = 'a4fe0a43cdb2cba8180c68fa94a42bdd399f52cf' AND file:hashes.SHA256 = '86a3802ad5f35262d01efe6b678585db356121807bc28105f43019cbbd0f23fb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-02-23T12:46:29", "category": "Other", "uuid": "6e0f8e7d-3421-453d-9cf2-acdbfc47d9f4" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/86a3802ad5f35262d01efe6b678585db356121807bc28105f43019cbbd0f23fb/analysis/1550925989/", "category": "Payload delivery", "uuid": "c534456e-f48a-4239-9569-473442e6148d" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/57", "category": "Payload delivery", "uuid": "195b02ac-c8b2-45cd-bdb6-fd70f655f2c5" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "pattern": "[file:hashes.MD5 = '6ee28018e7d31aef0b4fd6940dff1d0a' AND file:hashes.SHA1 = '02d82f20c1c8ac76c118ec995b00171480b4ebe2' AND file:hashes.SHA256 = 'c0313523c28288d01ba52289680b2405c1005ee7bbd0143cf116b0263245d8ba']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-03-01T11:39:18", "category": "Other", "uuid": "9da1b58b-9692-4fcc-bd4d-828d919c3ce9" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/c0313523c28288d01ba52289680b2405c1005ee7bbd0143cf116b0263245d8ba/analysis/1551440358/", "category": "Payload delivery", "uuid": "de81b0b7-0ca8-4736-9e31-ca501f8595c4" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/70", "category": "Payload delivery", "uuid": "3604fcb6-82fe-4952-82ee-69b90d4840f2" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ad497e60-8895-4967-ae45-2a64ccac91d3", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "pattern": "[file:hashes.MD5 = '815db0de2c6a610797c6735511eaaaf9' AND file:hashes.SHA1 = '6a143db1b43ecb2d28016fe41d9c5a7714453a76' AND file:hashes.SHA256 = '03722893c4990e0233c464e709943fb929b5cc70920c76b84a75f730f052f563']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-03-01T11:47:10", "category": "Other", "uuid": "fbd48270-3f53-4f8c-9490-34d77aec5b76" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/03722893c4990e0233c464e709943fb929b5cc70920c76b84a75f730f052f563/analysis/1551440830/", "category": "Payload delivery", "uuid": "1965f48b-119c-4d5d-9315-995cf680b5cb" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/69", "category": "Payload delivery", "uuid": "a39094f5-0df1-45a7-9c11-217fe87324e5" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "pattern": "[file:hashes.MD5 = 'dd3a38ee6b5b6340acd3bb8099f928a8' AND file:hashes.SHA1 = '5cd1c492a1d51689f749f3d9caa6076872f2f3ff' AND file:hashes.SHA256 = 'b935aaa10a5b53184f33dfbc7f0314fd0ee11fb740711ce93b5a1c51d8fa1153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:30.000Z", "modified": "2019-03-03T16:41:30.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-03-01T11:42:16", "category": "Other", "uuid": "09af03a7-06ac-4d02-81c2-946bea40d36e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/b935aaa10a5b53184f33dfbc7f0314fd0ee11fb740711ce93b5a1c51d8fa1153/analysis/1551440536/", "category": "Payload delivery", "uuid": "7581aee5-44bb-40cc-90e6-25cdce71fdbc" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/69", "category": "Payload delivery", "uuid": "75f36b0a-3da3-4f93-9c86-12c4eb0dc53d" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "pattern": "[file:hashes.MD5 = '7fce12d2cc785f7066f86314836c95ec' AND file:hashes.SHA1 = '84afdf87894eb0389dfdbdde6278f36e9348457a' AND file:hashes.SHA256 = '5e3bba9a94ff757400ce5a0f2a2a43076c515bc0e3728964b4f58f503ed9917c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-03-01T11:40:25", "category": "Other", "uuid": "ea2523de-13a2-49c2-b4b8-0d847c61ac22" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/5e3bba9a94ff757400ce5a0f2a2a43076c515bc0e3728964b4f58f503ed9917c/analysis/1551440425/", "category": "Payload delivery", "uuid": "e9e2f282-02e9-4318-bcd7-8cfd093466ba" }, { "type": "text", "object_relation": "detection-ratio", "value": "7/68", "category": "Payload delivery", "uuid": "523d80f0-1249-41d5-b0bf-6ab61cc8dafc" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--ce897d99-d116-43d0-959b-fbe57566ea72", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "pattern": "[file:hashes.MD5 = '0489493aeb26b6772bf3653aedf75d2a' AND file:hashes.SHA1 = '058c864831b0631ba18a9b02700a0a38529f7ff8' AND file:hashes.SHA256 = '21a5f6b003886b26c769132a8ffa06d607260980895a1e7484744fe3107ee099']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-06-04T10:29:50", "category": "Other", "uuid": "98d110c3-6eea-4879-8e0a-da42b6c150de" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/21a5f6b003886b26c769132a8ffa06d607260980895a1e7484744fe3107ee099/analysis/1528108190/", "category": "Payload delivery", "uuid": "7cfa447e-e135-43e3-895e-7a7b0cd56ffd" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/59", "category": "Payload delivery", "uuid": "0e970b39-6c21-4245-8ac4-a97b6d5ea57c" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--61b1cb3e-62ee-4b70-a561-646f511bb520", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "pattern": "[file:hashes.MD5 = '9d4aeb737179995a397d675f41e5f97f' AND file:hashes.SHA1 = 'cebe3862bd477e78bdbb020b3a53da91a1fa747d' AND file:hashes.SHA256 = '955904c82e953113183aad6a60fef962847549d02f531a62bf00d724c3c482c3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-01-27T01:31:19", "category": "Other", "uuid": "affd0d1c-1e8c-4306-ac72-810706f25cad" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/955904c82e953113183aad6a60fef962847549d02f531a62bf00d724c3c482c3/analysis/1548552679/", "category": "Payload delivery", "uuid": "8be5d5ab-a541-4a9e-a0a7-8c1a7f45e568" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/57", "category": "Payload delivery", "uuid": "b2032ab7-4f4b-446a-a65a-2c965e695340" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--8268456e-e83d-4737-a7a8-06ea323d880c", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "pattern": "[file:hashes.MD5 = '4d18388a9b351907be4a9f91785c9997' AND file:hashes.SHA1 = 'ee2b18a7413579bd18acc19d33fa307e8a6662c4' AND file:hashes.SHA256 = 'd1b19801e477f6297e41bfa040f5fb09e5f34b1e24b2bd90c960dd09a2be85f9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:31.000Z", "modified": "2019-03-03T16:41:31.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-02-23T18:15:33", "category": "Other", "uuid": "22bc8561-c209-42ff-897f-3a7e53daa22e" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/d1b19801e477f6297e41bfa040f5fb09e5f34b1e24b2bd90c960dd09a2be85f9/analysis/1550945733/", "category": "Payload delivery", "uuid": "26e862b3-d8ca-41e5-a50d-e369a9c4fac2" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/58", "category": "Payload delivery", "uuid": "5364dc79-050f-48b7-9571-6fd1894f79d6" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--3b469718-143a-4a84-b8ae-ec7aff951925", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:32.000Z", "modified": "2019-03-03T16:41:32.000Z", "pattern": "[file:hashes.MD5 = 'c78ccfc45bfba703cce0fc0c75c0f6af' AND file:hashes.SHA1 = '17c0bec9c6f16d9af7ba0a7146749f9f3d17e0a8' AND file:hashes.SHA256 = '2859b86854018bb4db2226e1ff14a4de4aa0187cd563c705d4ae1dbda0c07086']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:32.000Z", "modified": "2019-03-03T16:41:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-02-23T16:45:33", "category": "Other", "uuid": "f2e2989e-1afd-49fd-b4eb-b00eda539cf1" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/2859b86854018bb4db2226e1ff14a4de4aa0187cd563c705d4ae1dbda0c07086/analysis/1550940333/", "category": "Payload delivery", "uuid": "5dfbab74-02f0-445a-933a-7173485f0392" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/58", "category": "Payload delivery", "uuid": "cf67baac-6bb7-4743-8a91-eedce127bd5c" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:32.000Z", "modified": "2019-03-03T16:41:32.000Z", "pattern": "[file:hashes.MD5 = '533ac97f44b4aea1a35481d963cc9106' AND file:hashes.SHA1 = '63489869fa9c5b1ed627bf9140b6824cb68efef6' AND file:hashes.SHA256 = '536eb0c00f1d4a39ddf9a2eca508897eb2064b4e28e25a3327626b53bad0319d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:32.000Z", "modified": "2019-03-03T16:41:32.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2018-11-15T07:25:52", "category": "Other", "uuid": "82f7c9a1-2a75-45a9-8a1f-8ac0a31a0777" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/536eb0c00f1d4a39ddf9a2eca508897eb2064b4e28e25a3327626b53bad0319d/analysis/1542266752/", "category": "Payload delivery", "uuid": "f89c2dc4-7b36-48ea-a560-aefacd3e229b" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/51", "category": "Payload delivery", "uuid": "071f1efb-072c-4361-82e8-773a30e28acf" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:32.000Z", "modified": "2019-03-03T16:41:32.000Z", "pattern": "[file:hashes.MD5 = 'd7c4a1d4f75045a2a1e324ae5114ea17' AND file:hashes.SHA1 = '7db7ff3b685c3fa5d7dd5ac394a7ccb3e8b42d76' AND file:hashes.SHA256 = '210d12b9fcead69094ca2046c55333c121451f7eec782dd42e220ff11fe7d349']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2019-03-03T16:41:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "file" } ], "labels": [ "misp:name=\"file\"", "misp:meta-category=\"file\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-object", "spec_version": "2.1", "id": "x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2019-03-03T16:41:33.000Z", "modified": "2019-03-03T16:41:33.000Z", "labels": [ "misp:name=\"virustotal-report\"", "misp:meta-category=\"misc\"" ], "x_misp_attributes": [ { "type": "datetime", "object_relation": "last-submission", "value": "2019-03-01T11:38:53", "category": "Other", "uuid": "e97ebac1-5f62-456e-93eb-93cced4149ff" }, { "type": "link", "object_relation": "permalink", "value": "https://www.virustotal.com/file/210d12b9fcead69094ca2046c55333c121451f7eec782dd42e220ff11fe7d349/analysis/1551440333/", "category": "Payload delivery", "uuid": "90fd9f63-25e4-42ec-8df6-2b2d0c3f40a7" }, { "type": "text", "object_relation": "detection-ratio", "value": "0/58", "category": "Payload delivery", "uuid": "ae6f8a84-4c7c-4d87-ba02-6833aaf1db82" } ], "x_misp_meta_category": "misc", "x_misp_name": "virustotal-report" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--dda6152c-eb02-48dc-8776-d0a5f07d2a79", "created": "2019-03-03T16:41:33.000Z", "modified": "2019-03-03T16:41:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e", "target_ref": "x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--184a7e4b-28ef-426a-9f72-f58fb9dd6ded", "created": "2019-03-03T16:41:33.000Z", "modified": "2019-03-03T16:41:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416", "target_ref": "x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d45ad5e0-0fa6-47a5-9f21-d0e867a17bba", "created": "2019-03-03T16:41:33.000Z", "modified": "2019-03-03T16:41:33.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ad497e60-8895-4967-ae45-2a64ccac91d3", "target_ref": "x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d282e291-9168-4e59-951c-4aec5583d208", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a", "target_ref": "x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8e4b7ff3-8480-42e5-b847-268db1aa8c3a", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a", "target_ref": "x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--5e6771af-955c-4ffc-a61b-8e19ec012b59", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--ce897d99-d116-43d0-959b-fbe57566ea72", "target_ref": "x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ef80e3b5-b5d2-4162-93c4-fee8dc0fb4a2", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--61b1cb3e-62ee-4b70-a561-646f511bb520", "target_ref": "x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--d5723758-4b82-4566-82e4-49fcf1352987", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--8268456e-e83d-4737-a7a8-06ea323d880c", "target_ref": "x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--8536e3e3-d273-446b-8604-80816b6e96a5", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--3b469718-143a-4a84-b8ae-ec7aff951925", "target_ref": "x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--ffcba393-855a-41f6-b666-4ee8f36ccaa6", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158", "target_ref": "x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8" }, { "type": "relationship", "spec_version": "2.1", "id": "relationship--27d12b66-0cca-4cc0-9a53-e7e65eadb9d2", "created": "2019-03-03T16:41:34.000Z", "modified": "2019-03-03T16:41:34.000Z", "relationship_type": "analysed-with", "source_ref": "indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd", "target_ref": "x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }