{ "type": "bundle", "id": "bundle--56b06cf0-ac30-4472-93dd-44ce950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:47.000Z", "modified": "2016-02-02T08:48:47.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--56b06cf0-ac30-4472-93dd-44ce950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:47.000Z", "modified": "2016-02-02T08:48:47.000Z", "name": "OSINT phishing sites and php kits - February 2016 - Part 1 by TechHelpList", "published": "2016-02-02T08:49:00Z", "object_refs": [ "observed-data--56b06d67-3584-49a9-a1bf-426a950d210f", "url--56b06d67-3584-49a9-a1bf-426a950d210f", "indicator--56b06d67-c7a0-472d-aeab-4c21950d210f", "indicator--56b06d67-8f6c-4ff0-bd93-4092950d210f", "indicator--56b06d68-e890-4092-81b1-4827950d210f", "indicator--56b06d68-4468-4212-b71e-4212950d210f", "indicator--56b06d68-b604-4314-bb2b-4175950d210f", "indicator--56b06d69-5030-4591-9cb4-4ddf950d210f", "indicator--56b06d69-30fc-4a15-8fa1-4df0950d210f", "indicator--56b06d69-d534-4130-80a6-48cb950d210f", "indicator--56b06d6a-684c-40e6-a4e2-4d42950d210f", "indicator--56b06d6a-1798-42c0-8dad-4161950d210f", "indicator--56b06d6a-99d4-43d1-a8b9-4235950d210f", "indicator--56b06d6b-a894-4b36-88ec-4df8950d210f", "indicator--56b06d6b-d5f8-469c-8c2c-45f8950d210f", "indicator--56b06d6b-a910-4c28-8b1f-4b5b950d210f", "indicator--56b06d6c-d9cc-49c7-bb1b-45e1950d210f", "indicator--56b06d6c-4be0-45aa-ad15-46b3950d210f", "indicator--56b06d6c-88f8-4d45-86f2-467f950d210f", "indicator--56b06d6d-e0a0-446c-bdd6-4ac5950d210f", "indicator--56b06d6d-8ac0-4042-9998-4e21950d210f", "indicator--56b06d6d-0f5c-4c4c-a367-497c950d210f", "indicator--56b06d6d-d314-4562-a408-41f7950d210f", "indicator--56b06d6e-ff44-462c-8d4f-4620950d210f", "indicator--56b06d6e-ffdc-4430-aeae-4c17950d210f", "indicator--56b06d6e-ee30-472a-a427-44e0950d210f", "indicator--56b06d6f-cafc-48a0-9829-45dd950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "admiralty-scale:source-reliability=\"f\"", "admiralty-scale:information-credibility=\"2\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--56b06d67-3584-49a9-a1bf-426a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:39.000Z", "modified": "2016-02-02T08:48:39.000Z", "first_observed": "2016-02-02T08:48:39Z", "last_observed": "2016-02-02T08:48:39Z", "number_observed": 1, "object_refs": [ "url--56b06d67-3584-49a9-a1bf-426a950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--56b06d67-3584-49a9-a1bf-426a950d210f", "value": "https://techhelplist.com/pastes/1037-phishing-sites-and-php-kits-february-2016-part-1" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d67-c7a0-472d-aeab-4c21950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:39.000Z", "modified": "2016-02-02T08:48:39.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-apple-ios91.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d67-8f6c-4ff0-bd93-4092950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:39.000Z", "modified": "2016-02-02T08:48:39.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-appleid-photos.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d68-e890-4092-81b1-4827950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:40.000Z", "modified": "2016-02-02T08:48:40.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-applend.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d68-4468-4212-b71e-4212950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:40.000Z", "modified": "2016-02-02T08:48:40.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-lidt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d68-b604-4314-bb2b-4175950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:40.000Z", "modified": "2016-02-02T08:48:40.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-tyce.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d69-5030-4591-9cb4-4ddf950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:41.000Z", "modified": "2016-02-02T08:48:41.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloud-yunid-apple.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d69-30fc-4a15-8fa1-4df0950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:41.000Z", "modified": "2016-02-02T08:48:41.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'icloudidjh.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d69-d534-4130-80a6-48cb950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:41.000Z", "modified": "2016-02-02T08:48:41.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'appie-find.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6a-684c-40e6-a4e2-4d42950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:42.000Z", "modified": "2016-02-02T08:48:42.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-bb.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6a-1798-42c0-8dad-4161950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:42.000Z", "modified": "2016-02-02T08:48:42.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-bu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6a-99d4-43d1-a8b9-4235950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:42.000Z", "modified": "2016-02-02T08:48:42.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-gay.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6b-a894-4b36-88ec-4df8950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:43.000Z", "modified": "2016-02-02T08:48:43.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-iappleid.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6b-d5f8-469c-8c2c-45f8950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:43.000Z", "modified": "2016-02-02T08:48:43.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-icloud-can.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6b-a910-4c28-8b1f-4b5b950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:43.000Z", "modified": "2016-02-02T08:48:43.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-icloud-ns.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6c-d9cc-49c7-bb1b-45e1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:44.000Z", "modified": "2016-02-02T08:48:44.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-icloud-safe.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6c-4be0-45aa-ad15-46b3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:44.000Z", "modified": "2016-02-02T08:48:44.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-ip-sir.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6c-88f8-4d45-86f2-467f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:44.000Z", "modified": "2016-02-02T08:48:44.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-iphonegps.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6d-e0a0-446c-bdd6-4ac5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:45.000Z", "modified": "2016-02-02T08:48:45.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-lcnappe.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6d-8ac0-4042-9998-4e21950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:45.000Z", "modified": "2016-02-02T08:48:45.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-lidt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6d-0f5c-4c4c-a367-497c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:45.000Z", "modified": "2016-02-02T08:48:45.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-mor.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6d-d314-4562-a408-41f7950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:45.000Z", "modified": "2016-02-02T08:48:45.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-my-login.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6e-ff44-462c-8d4f-4620950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:46.000Z", "modified": "2016-02-02T08:48:46.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-sye.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6e-ffdc-4430-aeae-4c17950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:46.000Z", "modified": "2016-02-02T08:48:46.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'apple-yet.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6e-ee30-472a-a427-44e0950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:46.000Z", "modified": "2016-02-02T08:48:46.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'appleid-icloud-vip.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56b06d6f-cafc-48a0-9829-45dd950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-02-02T08:48:47.000Z", "modified": "2016-02-02T08:48:47.000Z", "description": "Network IOCs", "pattern": "[domain-name:value = 'itunes-lidt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-02-02T08:48:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }