{ "type": "bundle", "id": "bundle--5464bf96-1f14-43f1-af86-08ce950d210b", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:32:53.000Z", "modified": "2014-11-13T14:32:53.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5464bf96-1f14-43f1-af86-08ce950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:32:53.000Z", "modified": "2014-11-13T14:32:53.000Z", "name": "OSINT Expansion on Rotten Tomato campaign", "published": "2014-11-13T14:50:29Z", "object_refs": [ "x-misp-attribute--5464bfab-9418-4978-82ca-51e4950d210b", "observed-data--5464bfd5-5a1c-4af0-ad60-4b5d950d210b", "url--5464bfd5-5a1c-4af0-ad60-4b5d950d210b", "indicator--5464c079-3a08-4195-8bc9-491c950d210b", "indicator--5464c079-1f24-4111-a264-43a0950d210b", "indicator--5464c079-6778-4fd0-82bb-40e2950d210b", "indicator--5464c079-5e38-40be-93d5-4a1f950d210b", "indicator--5464c079-5a7c-4d21-9f95-4ac4950d210b", "indicator--5464c079-5624-4014-90be-42a5950d210b", "indicator--5464c079-f258-43b4-9610-4001950d210b", "indicator--5464c079-0e34-442c-853a-4a28950d210b", "indicator--5464c07a-295c-4bfb-9b53-4edd950d210b", "indicator--5464c07a-1314-47f4-817a-4cbe950d210b", "indicator--5464c07a-1924-4e5d-912b-4325950d210b", "indicator--5464c07a-b6a0-40f1-958b-4952950d210b", "indicator--5464c07a-ee30-425b-93f5-402d950d210b", "indicator--5464c07a-7a0c-45c9-9a05-4a4f950d210b", "indicator--5464c07a-a724-4376-922f-4047950d210b", "indicator--5464c07a-9730-4dfe-b2f5-4980950d210b", "indicator--5464c07a-7a60-486b-9806-480e950d210b", "indicator--5464c07a-182c-46ad-9e9a-4b8c950d210b", "indicator--5464c07a-92ac-4eb2-9b38-4e35950d210b", "indicator--5464c07a-5c78-4376-a594-46a6950d210b", "indicator--5464c07a-c624-4378-93dc-4635950d210b", "indicator--5464c07a-0848-4218-8cb3-4025950d210b", "indicator--5464c07a-7d98-4d0b-b977-4f0d950d210b", "indicator--5464c07a-b948-438c-b123-42ca950d210b", "indicator--5464c07a-9078-4b7e-b502-4a1d950d210b", "x-misp-attribute--5464c092-7f94-4fa4-949f-15eb950d210b", "observed-data--5464c0c7-efa4-40dc-979d-4b9e950d210b", "url--5464c0c7-efa4-40dc-979d-4b9e950d210b", "indicator--5464c0db-e65c-4775-b2db-9034950d210b", "indicator--5464c0db-ae1c-4800-88d3-9034950d210b", "x-misp-attribute--5464c115-5c88-4099-91fd-15eb950d210b" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT" ], "object_marking_refs": [ "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5464bfab-9418-4978-82ca-51e4950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:27:11.000Z", "modified": "2014-11-13T14:27:11.000Z", "labels": [ "misp:type=\"comment\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "comment", "x_misp_value": "Expansion done by David Andr\u00c3\u00a9 using whois registrant email" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5464bfd5-5a1c-4af0-ad60-4b5d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:27:33.000Z", "modified": "2014-11-13T14:27:33.000Z", "first_observed": "2014-11-13T14:27:33Z", "last_observed": "2014-11-13T14:27:33Z", "number_observed": 1, "object_refs": [ "url--5464bfd5-5a1c-4af0-ad60-4b5d950d210b" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5464bfd5-5a1c-4af0-ad60-4b5d950d210b", "value": "http://www.whoismind.com/email/yuminga1@126.com.html" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-3a08-4195-8bc9-491c950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'ahaaa0.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-1f24-4111-a264-43a0950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'ahasss.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-6778-4fd0-82bb-40e2950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'arabdnsc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-5e38-40be-93d5-4a1f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'arabidc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-5a7c-4d21-9f95-4ac4950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'bfinancea.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-5624-4014-90be-42a5950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'buyfunny.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-f258-43b4-9610-4001950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'dellindustry.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c079-0e34-442c-853a-4a28950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:17.000Z", "modified": "2014-11-13T14:30:17.000Z", "pattern": "[domain-name:value = 'dellnewsup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-295c-4bfb-9b53-4edd950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'dibaigold.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-1314-47f4-817a-4cbe950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'dnsedc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-1924-4e5d-912b-4325950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'dnsqaz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-b6a0-40f1-958b-4952950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'enhenxx.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-ee30-425b-93f5-402d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'financenewsu.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-7a0c-45c9-9a05-4a4f950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'futuresgolda.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-a724-4376-922f-4047950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'futuresidc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-9730-4dfe-b2f5-4980950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'googlenewsup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-7a60-486b-9806-480e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'googltrend.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-182c-46ad-9e9a-4b8c950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'heihacc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-92ac-4eb2-9b38-4e35950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'hopewoodes.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-5c78-4376-a594-46a6950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'hpnewsup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-c624-4378-93dc-4635950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'interidc0.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-0848-4218-8cb3-4025950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'micr0industry.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-7d98-4d0b-b977-4f0d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'micronewsup.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-b948-438c-b123-42ca950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'newsupdatea.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c07a-9078-4b7e-b502-4a1d950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:18.000Z", "modified": "2014-11-13T14:30:18.000Z", "pattern": "[domain-name:value = 'redtubea.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:30:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5464c092-7f94-4fa4-949f-15eb950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:30:42.000Z", "modified": "2014-11-13T14:30:42.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"Attribution\"" ], "x_misp_category": "Attribution", "x_misp_comment": "Registrant", "x_misp_type": "text", "x_misp_value": "yuminga1@126.com" }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5464c0c7-efa4-40dc-979d-4b9e950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:31:35.000Z", "modified": "2014-11-13T14:31:35.000Z", "first_observed": "2014-11-13T14:31:35Z", "last_observed": "2014-11-13T14:31:35Z", "number_observed": 1, "object_refs": [ "url--5464c0c7-efa4-40dc-979d-4b9e950d210b" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5464c0c7-efa4-40dc-979d-4b9e950d210b", "value": "http://www.whoismind.com/email/joiupnhs@163.com.html" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c0db-e65c-4775-b2db-9034950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:31:55.000Z", "modified": "2014-11-13T14:31:55.000Z", "pattern": "[domain-name:value = 'soundxarab.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:31:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5464c0db-ae1c-4800-88d3-9034950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:31:55.000Z", "modified": "2014-11-13T14:31:55.000Z", "pattern": "[domain-name:value = 'xraies.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2014-11-13T14:31:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5464c115-5c88-4099-91fd-15eb950d210b", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2014-11-13T14:32:53.000Z", "modified": "2014-11-13T14:32:53.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "Rotten Tomato" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:GREEN", "definition": { "tlp": "green" } } ] }