{ "type": "bundle", "id": "bundle--5a5deec2-afe0-4036-a218-49c3950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:06.000Z", "modified": "2018-01-16T12:49:06.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5a5deec2-afe0-4036-a218-49c3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:06.000Z", "modified": "2018-01-16T12:49:06.000Z", "name": "OSINT Fancy Bear Pens the Worst Blog Posts Ever by ThreatConnect", "published": "2018-01-16T12:50:48Z", "object_refs": [ "observed-data--5a5deecb-9474-49dd-8f3f-4ac1950d210f", "url--5a5deecb-9474-49dd-8f3f-4ac1950d210f", "indicator--5a5df37d-e1a8-4126-94e8-4b32950d210f", "indicator--5a5df37d-fcbc-470a-bd5f-4d6a950d210f", "indicator--5a5df37e-8614-42c4-8fab-432b950d210f", "indicator--5a5df37e-fa78-4adb-9de5-4e31950d210f", "indicator--5a5df37e-e7dc-4a94-ae7f-4ba1950d210f", "indicator--5a5df37f-c45c-46b1-9e19-4da8950d210f", "indicator--5a5df37f-76f4-4b5c-a22c-4908950d210f", "observed-data--5a5df38f-b2a4-4220-8a36-c1be950d210f", "url--5a5df38f-b2a4-4220-8a36-c1be950d210f", "indicator--5a5df3d0-6468-4a35-8c1e-447a950d210f", "indicator--5a5df3d1-6b64-467e-8883-4aed950d210f", "indicator--5a5df3d1-9098-453b-af97-4256950d210f", "indicator--5a5df3d1-f68c-4420-9ed7-4f3a950d210f", "indicator--5a5df3d2-b60c-4004-9cf0-49b4950d210f", "indicator--5a5df3d2-54e0-43c3-ad70-481b950d210f", "indicator--5a5df3d3-d14c-4d6f-b958-46b0950d210f", "indicator--5a5df3d3-fab4-493f-a3d5-4925950d210f", "indicator--5a5df3d3-eb24-4132-b56f-455c950d210f", "indicator--5a5df3d4-eb54-4587-a259-4648950d210f", "indicator--5a5df3d4-1b14-4991-9ea1-4450950d210f", "indicator--5a5df3d5-ee98-46f5-ab8e-4a3f950d210f", "indicator--5a5df3d5-4cf4-4d8f-a783-4730950d210f", "indicator--5a5df3d5-4574-45b5-9b88-45be950d210f", "indicator--5a5df3d6-3710-4b21-bfc0-487a950d210f", "indicator--5a5df3d6-926c-47a1-9ec9-4e78950d210f", "indicator--5a5df3d7-4140-4d3c-b0b8-4196950d210f", "indicator--5a5df3d7-2cc8-4df7-8448-453f950d210f", "indicator--5a5df3d8-8860-4080-a21c-42ba950d210f", "indicator--5a5df3d8-8c94-4234-a410-4c96950d210f", "indicator--5a5df3d9-4a90-4474-9a23-42f1950d210f", "indicator--5a5df3d9-6fa4-4e46-9739-4ef1950d210f", "indicator--5a5df3da-bbb4-4876-8b20-49c9950d210f", "indicator--5a5df3da-ff94-4ba5-a39a-4ac5950d210f", "indicator--5a5df3db-eac4-40b7-be83-4502950d210f", "indicator--5a5df3db-faa8-4bd0-8fdf-47b7950d210f", "indicator--5a5df3dc-56f8-47f9-be04-4955950d210f", "indicator--5a5df3dc-0114-4c2e-81bb-4572950d210f", "indicator--5a5df3dc-0634-4b24-91a7-4a74950d210f", "indicator--5a5df3dd-f038-4500-a8b4-49c1950d210f", "indicator--5a5df3dd-9358-4bd8-a47c-454d950d210f", "indicator--5a5df49b-3534-4093-bb9a-4e20950d210f", "indicator--5a5df49b-c3dc-4f9c-8333-4489950d210f", "indicator--5a5df49c-4c8c-4352-8058-470d950d210f", "indicator--5a5df49c-9640-4e31-93c1-4630950d210f", "indicator--5a5df49d-462c-44d8-b2af-4706950d210f", "indicator--5a5df49d-2374-4a67-bd62-4ce5950d210f", "indicator--5a5df49d-be24-4321-b8b7-4ea2950d210f", "indicator--5a5df49e-9b50-4eb2-afa7-47a9950d210f", "indicator--5a5df49e-aac4-440f-aaa5-4eed950d210f", "indicator--5a5df49f-0efc-4d88-8677-4745950d210f", "indicator--5a5df49f-f0a4-4c6b-ab04-4313950d210f", "indicator--5a5df4a0-a520-4bee-ba7e-4f31950d210f", "indicator--5a5df4a0-c970-4ac8-abfd-436f950d210f", "indicator--5a5df4a0-3e30-46fb-8632-4baf950d210f", "indicator--5a5df4a1-8d04-417c-8eb4-4a2f950d210f", "indicator--5a5df4a1-91ec-48dd-b7dd-4e7e950d210f", "indicator--5a5df4a2-f37c-48d5-b49b-4bcf950d210f", "indicator--5a5df4a2-10a8-42bf-bc99-4204950d210f", "indicator--5a5df4a3-6ef0-4a15-9023-4a68950d210f", "indicator--5a5df4a3-e3d8-43a7-a937-44cd950d210f", "indicator--5a5df4a3-16b0-436b-a80d-4e32950d210f", "indicator--5a5df4a4-222c-4adc-ad3b-4832950d210f", "indicator--5a5df4a4-d670-4c51-8b32-4243950d210f", "indicator--5a5df4a5-1248-4259-a5bf-482e950d210f", "indicator--5a5df4a5-4a90-4cff-951f-4c8a950d210f", "indicator--5a5df4a6-d52c-4dca-a8e3-4f18950d210f", "indicator--5a5df4a6-6bc0-4905-8b9e-4bd5950d210f", "indicator--5a5df4a6-86cc-4a68-919e-4efb950d210f", "indicator--5a5df4a7-1968-4336-9962-4a62950d210f", "indicator--5a5df4a7-1170-43de-96e4-46a9950d210f", "indicator--5a5df4a8-cbdc-409b-9ee1-4450950d210f", "indicator--5a5df4a8-9be8-4b9c-9731-4059950d210f", "indicator--5a5df4a8-4cb4-4069-9af0-4bb0950d210f", "indicator--5a5df4a9-376c-4cc6-946d-496f950d210f", "indicator--5a5df4aa-b2c0-4f59-a70a-46bc950d210f", "indicator--5a5df4aa-e100-4b24-8c79-4d38950d210f", "indicator--5a5df4ab-2080-4bc4-b25c-4a85950d210f", "indicator--5a5df4ab-6f44-4203-84cc-4204950d210f", "indicator--5a5df4ac-ff9c-4d09-adef-4471950d210f", "indicator--5a5df4ac-3c94-4b3d-9338-4d65950d210f", "indicator--5a5df4ac-0414-41e9-bf12-4d9b950d210f", "indicator--5a5df4ad-b9f0-410a-82de-4b15950d210f", "indicator--5a5df4ad-86a0-43e2-8d38-480a950d210f", "indicator--5a5df4ae-21e4-4cf7-8606-420a950d210f", "indicator--5a5df4ae-f59c-4548-b53c-4600950d210f", "indicator--5a5df4ae-9024-4548-9548-4846950d210f", "indicator--5a5df4af-52d0-4e21-905e-47d5950d210f", "indicator--5a5df4af-7398-47f1-ba57-4681950d210f", "indicator--5a5df4b0-a9f0-403c-8df3-4778950d210f", "indicator--5a5df4b0-e914-4747-84e7-464d950d210f", "indicator--5a5df4b0-d8f8-436d-9f86-401e950d210f", "indicator--5a5df4b1-f3d8-4dd0-8f02-46c6950d210f", "indicator--5a5df4b1-73dc-401d-9bb2-4d35950d210f", "indicator--5a5df4b2-6390-401f-9d4f-4d70950d210f", "indicator--5a5df4b2-8f98-467b-81ee-4549950d210f", "indicator--5a5df4b3-d4bc-48d4-8084-40b4950d210f", "indicator--5a5df4b4-566c-4342-bb6b-4fca950d210f", "indicator--5a5df4b4-f208-4ee8-b2eb-49a7950d210f", "indicator--5a5df4b5-6954-4256-9741-4dbf950d210f", "indicator--5a5df4b5-8f2c-4052-b362-4b10950d210f", "indicator--5a5df4b6-593c-4d34-b468-42a6950d210f", "indicator--5a5df4b6-19a8-4e58-90fe-4903950d210f", "indicator--5a5df4b7-b678-4dce-81f8-4756950d210f", "indicator--5a5df4b7-201c-4f35-94b4-4582950d210f", "indicator--5a5df4b7-003c-4e97-ad97-4667950d210f", "indicator--5a5df4b8-7118-4e29-a2d4-4c68950d210f", "indicator--5a5df4b8-4b64-41d0-baa9-4204950d210f", "indicator--5a5df4b9-ee00-48d3-9be6-407f950d210f", "indicator--5a5df4b9-a650-4f6b-92ce-40ee950d210f", "indicator--5a5df4ba-4a58-4d8a-a614-4a60950d210f", "indicator--5a5df4ba-54e4-41ab-aa61-4dda950d210f", "indicator--5a5df4bb-a0cc-4e9e-89f5-45a3950d210f", "indicator--5a5df4bb-f7d4-4a07-8f32-457c950d210f", "indicator--5a5df4bb-ff54-4ac5-916c-4d05950d210f", "indicator--5a5df4bc-3b70-419e-b1b5-4256950d210f", "indicator--5a5df4bc-de9c-46f0-8fc7-4ca4950d210f", "indicator--5a5df4bd-eb8c-4924-81bf-4510950d210f", "indicator--5a5df4bd-b240-47cc-baee-4f1e950d210f", "indicator--5a5df4be-9138-45fc-908d-4d37950d210f", "indicator--5a5df4bf-7dc8-42d1-b4d5-4c8f950d210f", "indicator--5a5df4bf-9f84-438c-9149-422c950d210f", "indicator--5a5df4c0-34c4-414f-9902-4798950d210f", "indicator--5a5df4c0-94e0-4343-9454-4647950d210f", "indicator--5a5df4c0-2950-4c8e-873b-4404950d210f", "indicator--5a5df4c1-e624-4600-979b-4090950d210f", "indicator--5a5df4c1-e39c-409d-8fbe-4936950d210f", "indicator--5a5df4c2-0c14-494c-b185-4128950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "misp-galaxy:threat-actor=\"Sofacy\"", "osint:source-type=\"blog-post\"", "APT", "Threat:Sofacy/APT28" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5a5deecb-9474-49dd-8f3f-4ac1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:23:39.000Z", "modified": "2018-01-16T12:23:39.000Z", "first_observed": "2018-01-16T12:23:39Z", "last_observed": "2018-01-16T12:23:39Z", "number_observed": 1, "object_refs": [ "url--5a5deecb-9474-49dd-8f3f-4ac1950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5a5deecb-9474-49dd-8f3f-4ac1950d210f", "value": "https://www.threatconnect.com/blog/fancy-bear-leverages-blogspot/" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37d-e1a8-4126-94e8-4b32950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:41.000Z", "modified": "2018-01-16T12:43:41.000Z", "pattern": "[url:value = 'https://google.com.account-password.ga/security/signinoptions/password']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37d-fcbc-470a-bd5f-4d6a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:41.000Z", "modified": "2018-01-16T12:43:41.000Z", "pattern": "[domain-name:value = 'google.com.account-password.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37e-8614-42c4-8fab-432b950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:42.000Z", "modified": "2018-01-16T12:43:42.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.255.12.231']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37e-fa78-4adb-9de5-4e31950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:42.000Z", "modified": "2018-01-16T12:43:42.000Z", "pattern": "[domain-name:value = 'accounts.google.com.securitymail.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37e-e7dc-4a94-ae7f-4ba1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:42.000Z", "modified": "2018-01-16T12:43:42.000Z", "pattern": "[domain-name:value = 'securitymail.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37f-c45c-46b1-9e19-4da8950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:43.000Z", "modified": "2018-01-16T12:43:43.000Z", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.153.32.52']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df37f-76f4-4b5c-a22c-4908950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:43.000Z", "modified": "2018-01-16T12:43:43.000Z", "pattern": "[domain-name:value = 'smtprelayhost.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:43:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5a5df38f-b2a4-4220-8a36-c1be950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:43:59.000Z", "modified": "2018-01-16T12:43:59.000Z", "first_observed": "2018-01-16T12:43:59Z", "last_observed": "2018-01-16T12:43:59Z", "number_observed": 1, "object_refs": [ "url--5a5df38f-b2a4-4220-8a36-c1be950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5a5df38f-b2a4-4220-8a36-c1be950d210f", "value": "https://www.verfassungsschutz.de/embed/broschuere-2016-03-bfv-cyber-brief-2016-01.pdf" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d0-6468-4a35-8c1e-447a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:04.000Z", "modified": "2018-01-16T12:45:04.000Z", "pattern": "[domain-name:value = 'uzbekistan-mfa.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d1-6b64-467e-8883-4aed950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:04.000Z", "modified": "2018-01-16T12:45:04.000Z", "pattern": "[domain-name:value = 'luminate-yahoo.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d1-9098-453b-af97-4256950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:05.000Z", "modified": "2018-01-16T12:45:05.000Z", "pattern": "[domain-name:value = 'cc-yahoo-inc.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d1-f68c-4420-9ed7-4f3a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:05.000Z", "modified": "2018-01-16T12:45:05.000Z", "pattern": "[domain-name:value = 'opecmember.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d2-b60c-4004-9cf0-49b4950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:06.000Z", "modified": "2018-01-16T12:45:06.000Z", "pattern": "[domain-name:value = 'cdncloudflare.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d2-54e0-43c3-ad70-481b950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:06.000Z", "modified": "2018-01-16T12:45:06.000Z", "pattern": "[domain-name:value = '45645647.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d3-d14c-4d6f-b958-46b0950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:07.000Z", "modified": "2018-01-16T12:45:07.000Z", "pattern": "[domain-name:value = '57567547454.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d3-fab4-493f-a3d5-4925950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:07.000Z", "modified": "2018-01-16T12:45:07.000Z", "pattern": "[domain-name:value = 'ciscohelpcenter.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d3-eb24-4132-b56f-455c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:07.000Z", "modified": "2018-01-16T12:45:07.000Z", "pattern": "[domain-name:value = 'intelsupportcenter.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d4-eb54-4587-a259-4648950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:08.000Z", "modified": "2018-01-16T12:45:08.000Z", "pattern": "[domain-name:value = 'intelsupportcenter.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d4-1b14-4991-9ea1-4450950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:08.000Z", "modified": "2018-01-16T12:45:08.000Z", "pattern": "[domain-name:value = 'highcomission.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d5-ee98-46f5-ab8e-4a3f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:09.000Z", "modified": "2018-01-16T12:45:09.000Z", "pattern": "[domain-name:value = 'autoupdater.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d5-4cf4-4d8f-a783-4730950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:09.000Z", "modified": "2018-01-16T12:45:09.000Z", "pattern": "[domain-name:value = 'securityupdatereport.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d5-4574-45b5-9b88-45be950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:09.000Z", "modified": "2018-01-16T12:45:09.000Z", "pattern": "[domain-name:value = 'mozilla-plugins.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d6-3710-4b21-bfc0-487a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:10.000Z", "modified": "2018-01-16T12:45:10.000Z", "pattern": "[domain-name:value = 'mozillaplagins.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d6-926c-47a1-9ec9-4e78950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:10.000Z", "modified": "2018-01-16T12:45:10.000Z", "pattern": "[domain-name:value = 'wincodec.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d7-4140-4d3c-b0b8-4196950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:11.000Z", "modified": "2018-01-16T12:45:11.000Z", "pattern": "[domain-name:value = 'securitysls.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d7-2cc8-4df7-8448-453f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:11.000Z", "modified": "2018-01-16T12:45:11.000Z", "pattern": "[domain-name:value = 'windowsdefenderupdater.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d8-8860-4080-a21c-42ba950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:12.000Z", "modified": "2018-01-16T12:45:12.000Z", "pattern": "[domain-name:value = 'windowschecker.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d8-8c94-4234-a410-4c96950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:12.000Z", "modified": "2018-01-16T12:45:12.000Z", "pattern": "[domain-name:value = 'terms-google.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d9-4a90-4474-9a23-42f1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:13.000Z", "modified": "2018-01-16T12:45:13.000Z", "pattern": "[domain-name:value = 'syslowwindows.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3d9-6fa4-4e46-9739-4ef1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:13.000Z", "modified": "2018-01-16T12:45:13.000Z", "pattern": "[domain-name:value = 'kenlynton.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3da-bbb4-4876-8b20-49c9950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:14.000Z", "modified": "2018-01-16T12:45:14.000Z", "pattern": "[domain-name:value = 'fastcontech.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3da-ff94-4ba5-a39a-4ac5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:14.000Z", "modified": "2018-01-16T12:45:14.000Z", "pattern": "[domain-name:value = 'mslinux-update.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3db-eac4-40b7-be83-4502950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:15.000Z", "modified": "2018-01-16T12:45:15.000Z", "pattern": "[domain-name:value = 'web-privacy-guardian.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3db-faa8-4bd0-8fdf-47b7950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:15.000Z", "modified": "2018-01-16T12:45:15.000Z", "pattern": "[domain-name:value = '645547657668787.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3dc-56f8-47f9-be04-4955950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:16.000Z", "modified": "2018-01-16T12:45:16.000Z", "pattern": "[domain-name:value = 'android-soft.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3dc-0114-4c2e-81bb-4572950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:16.000Z", "modified": "2018-01-16T12:45:16.000Z", "pattern": "[domain-name:value = 'live-settings.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3dc-0634-4b24-91a7-4a74950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:16.000Z", "modified": "2018-01-16T12:45:16.000Z", "pattern": "[domain-name:value = 'privatenewstoday.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3dd-f038-4500-a8b4-49c1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:17.000Z", "modified": "2018-01-16T12:45:17.000Z", "pattern": "[domain-name:value = 'servicetransferemail.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df3dd-9358-4bd8-a47c-454d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:45:17.000Z", "modified": "2018-01-16T12:45:17.000Z", "pattern": "[domain-name:value = 'adawareblock.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:45:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49b-3534-4093-bb9a-4e20950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:27.000Z", "modified": "2018-01-16T12:48:27.000Z", "pattern": "[domain-name:value = 'access-apple-login-account.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49b-c3dc-4f9c-8333-4489950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:27.000Z", "modified": "2018-01-16T12:48:27.000Z", "pattern": "[domain-name:value = 'fileshelpprotut.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49c-4c8c-4352-8058-470d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:28.000Z", "modified": "2018-01-16T12:48:28.000Z", "pattern": "[domain-name:value = 'reset-password-com.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49c-9640-4e31-93c1-4630950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:28.000Z", "modified": "2018-01-16T12:48:28.000Z", "pattern": "[domain-name:value = 'account-activity-verification-login.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49d-462c-44d8-b2af-4706950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:29.000Z", "modified": "2018-01-16T12:48:29.000Z", "pattern": "[domain-name:value = 'fileshelpprotut.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49d-2374-4a67-bd62-4ce5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:29.000Z", "modified": "2018-01-16T12:48:29.000Z", "pattern": "[domain-name:value = 'restore-login-account.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49d-be24-4321-b8b7-4ea2950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:29.000Z", "modified": "2018-01-16T12:48:29.000Z", "pattern": "[domain-name:value = 'account-verify-comfirmation-info-login.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49e-9b50-4eb2-afa7-47a9950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:30.000Z", "modified": "2018-01-16T12:48:30.000Z", "pattern": "[domain-name:value = 'filestore.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49e-aac4-440f-aaa5-4eed950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:30.000Z", "modified": "2018-01-16T12:48:30.000Z", "pattern": "[domain-name:value = 'review-quilogin.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49f-0efc-4d88-8677-4745950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:31.000Z", "modified": "2018-01-16T12:48:31.000Z", "pattern": "[domain-name:value = 'account-verify-comfirmation-info-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df49f-f0a4-4c6b-ab04-4313950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:31.000Z", "modified": "2018-01-16T12:48:31.000Z", "pattern": "[domain-name:value = 'goldsecurity.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a0-a520-4bee-ba7e-4f31950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:32.000Z", "modified": "2018-01-16T12:48:32.000Z", "pattern": "[domain-name:value = 'secure-bankofamerica--login-com.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a0-c970-4ac8-abfd-436f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:32.000Z", "modified": "2018-01-16T12:48:32.000Z", "pattern": "[domain-name:value = 'accountlogin-inc.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a0-3e30-46fb-8632-4baf950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:32.000Z", "modified": "2018-01-16T12:48:32.000Z", "pattern": "[domain-name:value = 'info-apple-login-security.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a1-8d04-417c-8eb4-4a2f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:33.000Z", "modified": "2018-01-16T12:48:33.000Z", "pattern": "[domain-name:value = 'secure-bankofamerica--login-com.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a1-91ec-48dd-b7dd-4e7e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:33.000Z", "modified": "2018-01-16T12:48:33.000Z", "pattern": "[domain-name:value = 'accountverify-disableinfo-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a2-f37c-48d5-b49b-4bcf950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:34.000Z", "modified": "2018-01-16T12:48:34.000Z", "pattern": "[domain-name:value = 'jp-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a2-10a8-42bf-bc99-4204950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:34.000Z", "modified": "2018-01-16T12:48:34.000Z", "pattern": "[domain-name:value = 'secure-login-helpid-locked.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a3-6ef0-4a15-9023-4a68950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:34.000Z", "modified": "2018-01-16T12:48:34.000Z", "pattern": "[domain-name:value = 'alert-new-login-com.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a3-e3d8-43a7-a937-44cd950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:35.000Z", "modified": "2018-01-16T12:48:35.000Z", "pattern": "[domain-name:value = 'locked-service-security.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a3-16b0-436b-a80d-4e32950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:35.000Z", "modified": "2018-01-16T12:48:35.000Z", "pattern": "[domain-name:value = 'secure-management-login-account-index-webpass.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a4-222c-4adc-ad3b-4832950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:36.000Z", "modified": "2018-01-16T12:48:36.000Z", "pattern": "[domain-name:value = 'apple-realertlogin.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a4-d670-4c51-8b32-4243950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:36.000Z", "modified": "2018-01-16T12:48:36.000Z", "pattern": "[domain-name:value = 'login-bancochile-cl.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a5-1248-4259-a5bf-482e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:37.000Z", "modified": "2018-01-16T12:48:37.000Z", "pattern": "[domain-name:value = 'secure-mobile-login1.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a5-4a90-4cff-951f-4c8a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:37.000Z", "modified": "2018-01-16T12:48:37.000Z", "pattern": "[domain-name:value = 'appleid-login-appleid.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a6-d52c-4dca-a8e3-4f18950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:38.000Z", "modified": "2018-01-16T12:48:38.000Z", "pattern": "[domain-name:value = 'login-pap-web-access.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a6-6bc0-4905-8b9e-4bd5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:38.000Z", "modified": "2018-01-16T12:48:38.000Z", "pattern": "[domain-name:value = 'secure1-client-login.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a6-86cc-4a68-919e-4efb950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:38.000Z", "modified": "2018-01-16T12:48:38.000Z", "pattern": "[domain-name:value = 'appleid-manageaccountloginupdated.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a7-1968-4336-9962-4a62950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:39.000Z", "modified": "2018-01-16T12:48:39.000Z", "pattern": "[domain-name:value = 'login-recovery.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a7-1170-43de-96e4-46a9950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:39.000Z", "modified": "2018-01-16T12:48:39.000Z", "pattern": "[domain-name:value = 'secure1-client-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a8-cbdc-409b-9ee1-4450950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:40.000Z", "modified": "2018-01-16T12:48:40.000Z", "pattern": "[domain-name:value = 'appleidcustomer-servicess-com-loginaccount.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a8-9be8-4b9c-9731-4059950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:40.000Z", "modified": "2018-01-16T12:48:40.000Z", "pattern": "[domain-name:value = 'login-sec-apple-secure-account-updated.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a8-4cb4-4069-9af0-4bb0950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:40.000Z", "modified": "2018-01-16T12:48:40.000Z", "pattern": "[domain-name:value = 'secure1-login-apps.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4a9-376c-4cc6-946d-496f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:41.000Z", "modified": "2018-01-16T12:48:41.000Z", "pattern": "[domain-name:value = 'appleidcustomer-servicess-com-loginaccount.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4aa-b2c0-4f59-a70a-46bc950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:42.000Z", "modified": "2018-01-16T12:48:42.000Z", "pattern": "[domain-name:value = 'login-secure1-mobile.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4aa-e100-4b24-8c79-4d38950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:42.000Z", "modified": "2018-01-16T12:48:42.000Z", "pattern": "[domain-name:value = 'secure5647login-com.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ab-2080-4bc4-b25c-4a85950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:43.000Z", "modified": "2018-01-16T12:48:43.000Z", "pattern": "[domain-name:value = 'browsersecurity.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ab-6f44-4203-84cc-4204950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:43.000Z", "modified": "2018-01-16T12:48:43.000Z", "pattern": "[domain-name:value = 'login-unlock-account.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ac-ff9c-4d09-adef-4471950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:44.000Z", "modified": "2018-01-16T12:48:44.000Z", "pattern": "[domain-name:value = 'security-login-information.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ac-3c94-4b3d-9338-4d65950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:44.000Z", "modified": "2018-01-16T12:48:44.000Z", "pattern": "[domain-name:value = 'change-password.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ac-0414-41e9-bf12-4d9b950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:44.000Z", "modified": "2018-01-16T12:48:44.000Z", "pattern": "[domain-name:value = 'login-update-unlock.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ad-b9f0-410a-82de-4b15950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:45.000Z", "modified": "2018-01-16T12:48:45.000Z", "pattern": "[domain-name:value = 'securitycenter.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ad-86a0-43e2-8d38-480a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:45.000Z", "modified": "2018-01-16T12:48:45.000Z", "pattern": "[domain-name:value = 'cleantarea-customerlogin-com.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ae-21e4-4cf7-8606-420a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:46.000Z", "modified": "2018-01-16T12:48:46.000Z", "pattern": "[domain-name:value = 'loginapps-info.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ae-f59c-4548-b53c-4600950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:46.000Z", "modified": "2018-01-16T12:48:46.000Z", "pattern": "[domain-name:value = 'service-account-home-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ae-9024-4548-9548-4846950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:46.000Z", "modified": "2018-01-16T12:48:46.000Z", "pattern": "[domain-name:value = 'clientareasecurity1.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4af-52d0-4e21-905e-47d5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:47.000Z", "modified": "2018-01-16T12:48:47.000Z", "pattern": "[domain-name:value = 'loginpaypaas-securityuserid.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4af-7398-47f1-ba57-4681950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:47.000Z", "modified": "2018-01-16T12:48:47.000Z", "pattern": "[domain-name:value = 'service-autoreset-password-youraccount.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b0-a9f0-403c-8df3-4778950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:48.000Z", "modified": "2018-01-16T12:48:48.000Z", "pattern": "[domain-name:value = 'clientareasecurity4.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b0-e914-4747-84e7-464d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:48.000Z", "modified": "2018-01-16T12:48:48.000Z", "pattern": "[domain-name:value = 'loginservice-maintanceserversecurity.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b0-d8f8-436d-9f86-401e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:48.000Z", "modified": "2018-01-16T12:48:48.000Z", "pattern": "[domain-name:value = 'service-login-apple-verify-account-locked.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b1-f3d8-4dd0-8f02-46c6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:49.000Z", "modified": "2018-01-16T12:48:49.000Z", "pattern": "[domain-name:value = 'com-recoverylogin.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b1-73dc-401d-9bb2-4d35950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:49.000Z", "modified": "2018-01-16T12:48:49.000Z", "pattern": "[domain-name:value = 'manage-login.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b2-6390-401f-9d4f-4d70950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:50.000Z", "modified": "2018-01-16T12:48:50.000Z", "pattern": "[domain-name:value = 'servicelogin-access-failed.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b2-8f98-467b-81ee-4549950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:50.000Z", "modified": "2018-01-16T12:48:50.000Z", "pattern": "[domain-name:value = 'com-supportlogin-adminverification.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b3-d4bc-48d4-8084-40b4950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:51.000Z", "modified": "2018-01-16T12:48:51.000Z", "pattern": "[domain-name:value = 'manage-logins.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b4-566c-4342-bb6b-4fca950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:52.000Z", "modified": "2018-01-16T12:48:52.000Z", "pattern": "[domain-name:value = 'services-loginaccount.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b4-f208-4ee8-b2eb-49a7950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:52.000Z", "modified": "2018-01-16T12:48:52.000Z", "pattern": "[domain-name:value = 'darksecurity.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b5-6954-4256-9741-4dbf950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:53.000Z", "modified": "2018-01-16T12:48:53.000Z", "pattern": "[domain-name:value = 'mod-files.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b5-8f2c-4052-b362-4b10950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:53.000Z", "modified": "2018-01-16T12:48:53.000Z", "pattern": "[domain-name:value = 'sharefiles.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b6-593c-4d34-b468-42a6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:54.000Z", "modified": "2018-01-16T12:48:54.000Z", "pattern": "[domain-name:value = 'dns-sec-login-apple-invoice-confirmations.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b6-19a8-4e58-90fe-4903950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:54.000Z", "modified": "2018-01-16T12:48:54.000Z", "pattern": "[domain-name:value = 'mydocuments.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b7-b678-4dce-81f8-4756950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:55.000Z", "modified": "2018-01-16T12:48:55.000Z", "pattern": "[domain-name:value = 'signin-login-php.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b7-201c-4f35-94b4-4582950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:55.000Z", "modified": "2018-01-16T12:48:55.000Z", "pattern": "[domain-name:value = 'dns-webapps-login-account-secure-servers.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b7-003c-4e97-ad97-4667950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:55.000Z", "modified": "2018-01-16T12:48:55.000Z", "pattern": "[domain-name:value = 'newaction-loginactivituresource.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b8-7118-4e29-a2d4-4c68950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:56.000Z", "modified": "2018-01-16T12:48:56.000Z", "pattern": "[domain-name:value = 'srilankadocuments.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b8-4b64-41d0-baa9-4204950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:56.000Z", "modified": "2018-01-16T12:48:56.000Z", "pattern": "[domain-name:value = 'documentation.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b9-ee00-48d3-9be6-407f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:57.000Z", "modified": "2018-01-16T12:48:57.000Z", "pattern": "[domain-name:value = 'newfiles.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4b9-a650-4f6b-92ce-40ee950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:57.000Z", "modified": "2018-01-16T12:48:57.000Z", "pattern": "[domain-name:value = 'statement-login-update-info.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ba-4a58-4d8a-a614-4a60950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:58.000Z", "modified": "2018-01-16T12:48:58.000Z", "pattern": "[domain-name:value = 'documentshandler.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4ba-54e4-41ab-aa61-4dda950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:58.000Z", "modified": "2018-01-16T12:48:58.000Z", "pattern": "[domain-name:value = 'ns-secures-login-accountjp-updates-community.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bb-a0cc-4e9e-89f5-45a3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:59.000Z", "modified": "2018-01-16T12:48:59.000Z", "pattern": "[domain-name:value = 'summary-loginconfirmation.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bb-f7d4-4a07-8f32-457c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:59.000Z", "modified": "2018-01-16T12:48:59.000Z", "pattern": "[domain-name:value = 'emailloginerror.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bb-ff54-4ac5-916c-4d05950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:48:59.000Z", "modified": "2018-01-16T12:48:59.000Z", "pattern": "[domain-name:value = 'nursingdocumentation.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:48:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bc-3b70-419e-b1b5-4256950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:00.000Z", "modified": "2018-01-16T12:49:00.000Z", "pattern": "[domain-name:value = 'unsecured-login-attempt.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bc-de9c-46f0-8fc7-4ca4950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:00.000Z", "modified": "2018-01-16T12:49:00.000Z", "pattern": "[domain-name:value = 'facebook-login-page.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bd-eb8c-4924-81bf-4510950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:01.000Z", "modified": "2018-01-16T12:49:01.000Z", "pattern": "[domain-name:value = 'ourfiles.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bd-b240-47cc-baee-4f1e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:01.000Z", "modified": "2018-01-16T12:49:01.000Z", "pattern": "[domain-name:value = 'verify-login-account-iinformation.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4be-9138-45fc-908d-4d37950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:02.000Z", "modified": "2018-01-16T12:49:02.000Z", "pattern": "[domain-name:value = 'failure-login.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bf-7dc8-42d1-b4d5-4c8f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:03.000Z", "modified": "2018-01-16T12:49:03.000Z", "pattern": "[domain-name:value = 'pdf-document.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4bf-9f84-438c-9149-422c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:03.000Z", "modified": "2018-01-16T12:49:03.000Z", "pattern": "[domain-name:value = 'verify-login-account-iinformation.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c0-34c4-414f-9902-4798950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:04.000Z", "modified": "2018-01-16T12:49:04.000Z", "pattern": "[domain-name:value = 'fileshelp.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c0-94e0-4343-9454-4647950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:04.000Z", "modified": "2018-01-16T12:49:04.000Z", "pattern": "[domain-name:value = 'protector-files.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c0-2950-4c8e-873b-4404950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:04.000Z", "modified": "2018-01-16T12:49:04.000Z", "pattern": "[domain-name:value = 'welcome-apple-protectyourpassword.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c1-e624-4600-979b-4090950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:05.000Z", "modified": "2018-01-16T12:49:05.000Z", "pattern": "[domain-name:value = 'fileshelp.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c1-e39c-409d-8fbe-4936950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:05.000Z", "modified": "2018-01-16T12:49:05.000Z", "pattern": "[domain-name:value = 'recoverylogin-access.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a5df4c2-0c14-494c-b185-4128950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-01-16T12:49:06.000Z", "modified": "2018-01-16T12:49:06.000Z", "pattern": "[domain-name:value = 'www-logined-apple-authsecure.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-01-16T12:49:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }