{ "type": "bundle", "id": "bundle--578e2285-12cc-4a15-b078-4b74950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:34.000Z", "modified": "2016-07-19T13:30:34.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--578e2285-12cc-4a15-b078-4b74950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:34.000Z", "modified": "2016-07-19T13:30:34.000Z", "name": "Malspam 2016-07-19 .wsf (campaign: \"new invoice\")", "published": "2016-07-19T13:44:40Z", "object_refs": [ "indicator--578e2456-0658-4de1-a00a-4120950d210f", "indicator--578e2457-396c-4fcb-8751-4082950d210f", "indicator--578e2457-47c4-4dc4-a453-44bc950d210f", "indicator--578e2457-3744-4f39-a99b-49de950d210f", "indicator--578e2458-0530-43c3-82cb-4f6e950d210f", "indicator--578e2458-f2c0-4022-8421-4c84950d210f", "indicator--578e2458-fbf0-4c55-bab4-489b950d210f", "indicator--578e2459-bdf0-4b61-82d9-4c48950d210f", "indicator--578e2459-4364-4892-8c15-4385950d210f", "indicator--578e245a-6f10-4d7f-bba2-4f2a950d210f", "indicator--578e245a-2838-4476-9ce7-46ce950d210f", "indicator--578e245a-5810-4da0-acfb-42a9950d210f", "indicator--578e245b-09f8-4c58-95a1-4571950d210f", "indicator--578e245b-adfc-425c-b079-4fc7950d210f", "indicator--578e245c-4f5c-4b28-9c2e-4cb3950d210f", "indicator--578e245c-7638-4a8c-a95b-4414950d210f", "indicator--578e245c-e58c-439d-bf94-4fff950d210f", "indicator--578e245d-ae6c-42e8-a77b-41b9950d210f", "indicator--578e245d-1c58-4780-ba82-4679950d210f", "indicator--578e245d-8fdc-4a53-b030-4c49950d210f", "indicator--578e245e-8b20-4bda-bf29-4c7f950d210f", "indicator--578e245e-6e94-49a5-b70c-4bbe950d210f", "indicator--578e245f-288c-4474-a4d4-4abd950d210f", "indicator--578e245f-f230-4d0f-a6c8-4865950d210f", "indicator--578e2460-0094-4a69-a362-4a4a950d210f", "indicator--578e2460-e67c-41e3-8e1d-429a950d210f", "indicator--578e2461-0420-41b2-ac5e-462f950d210f", "indicator--578e2461-fd40-4e72-86ce-464e950d210f", "indicator--578e2461-5190-4d3a-bce6-4e71950d210f", "indicator--578e2462-f0ac-45f6-8dc9-48a5950d210f", "indicator--578e2462-26cc-4f13-ab49-410e950d210f", "indicator--578e2463-27f8-498c-b7d1-4ffa950d210f", "indicator--578e2463-ec98-44ba-9b38-4041950d210f", "indicator--578e2463-7f1c-4d58-91ff-40f4950d210f", "indicator--578e2464-1a78-441f-8a26-4180950d210f", "indicator--578e2464-f808-4e19-b51c-4bdc950d210f", "indicator--578e2465-3370-45b4-8981-405f950d210f", "indicator--578e2465-9e4c-4cc1-9146-4374950d210f", "indicator--578e2465-76fc-4188-bd52-474a950d210f", "indicator--578e2466-bb88-44a1-9444-4fba950d210f", "observed-data--578e2855-2318-4841-95e1-44ee950d210f", "email-message--578e2855-2318-4841-95e1-44ee950d210f", "x-misp-attribute--578e2871-fd00-4f55-a56b-43c8950d210f", "indicator--578e2b78-57b8-47be-8720-49dc950d210f", "indicator--578e2b78-d4f4-4ef4-b816-4fb3950d210f", "indicator--578e2b78-f644-4982-86fd-466f950d210f", "indicator--578e2b79-1b08-40e6-8b86-4098950d210f", "indicator--578e2b79-2560-4e71-abf4-4449950d210f", "indicator--578e2b79-c344-48e8-bc61-40a9950d210f", "indicator--578e2b79-a718-43ca-9cd6-4413950d210f", "indicator--578e2b79-3f58-487d-898b-49cd950d210f", "indicator--578e2b7a-9184-49b2-af13-498a950d210f", "indicator--578e2897-13fc-48c9-a55d-44bf950d210f", "indicator--578e2899-8ef8-44c9-97d5-4223950d210f", "indicator--578e289a-8590-41f3-be1f-430e950d210f", "indicator--578e289a-aaa0-4e74-88d0-4826950d210f", "indicator--578e289b-c540-4237-8496-4fdb950d210f", "indicator--578e289c-56e8-4a41-a44d-461d950d210f", "indicator--578e289c-8a68-4b26-bfb8-44b0950d210f", "indicator--578e289d-68a4-4963-83fc-41cc950d210f", "indicator--578e289e-667c-4e74-a9b3-427c950d210f", "indicator--578e289f-f520-4938-b461-4cdb950d210f", "indicator--578e28a0-6998-4618-8583-47d2950d210f", "indicator--578e28a0-7954-474f-9dab-41d0950d210f", "indicator--578e28a1-ab40-45e0-ad82-464c950d210f", "indicator--578e28a2-4d44-469e-bc1c-4268950d210f", "indicator--578e28a3-9b60-41b2-942b-47ff950d210f", "indicator--578e28a4-7aac-4521-ae7e-4a44950d210f", "indicator--578e28a4-db6c-4f6a-82d2-4e66950d210f", "indicator--578e28a6-1e88-49c0-8821-4468950d210f", "indicator--578e28a6-58f4-46fe-9d94-4ae7950d210f", "indicator--578e28a7-5994-422a-8da6-43e7950d210f", "indicator--578e28a7-0484-4b97-a948-4d6b950d210f", "indicator--578e28a8-69fc-48c5-b5ac-4e81950d210f", "indicator--578e28a9-6644-43e7-afb8-4c5e950d210f", "indicator--578e28a9-1254-463f-a271-45a9950d210f", "indicator--578e28aa-5828-4330-b9af-48e2950d210f", "indicator--578e28ab-ebf8-4a93-8439-412a950d210f", "indicator--578e28ac-76a0-4fb7-9dab-494e950d210f", "indicator--578e28ac-e028-4b6f-8cc4-4017950d210f", "indicator--578e28ad-093c-42d7-9fbc-4129950d210f", "indicator--578e28ae-f094-4d72-ab4c-46fe950d210f", "indicator--578e28af-7a84-43b5-aa7a-4fd6950d210f", "indicator--578e28b0-0828-4ccf-acfa-4723950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2456-0658-4de1-a00a-4120950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:06.000Z", "modified": "2016-07-19T13:00:06.000Z", "description": "download location", "pattern": "[url:value = 'http://westcoastswingitaly.it/jycvhfqq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2457-396c-4fcb-8751-4082950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:07.000Z", "modified": "2016-07-19T13:00:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'westcoastswingitaly.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2457-47c4-4dc4-a453-44bc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:07.000Z", "modified": "2016-07-19T13:00:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.186.33.5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2457-3744-4f39-a99b-49de950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:07.000Z", "modified": "2016-07-19T13:00:07.000Z", "description": "download location", "pattern": "[url:value = 'http://albany.asn.au/4sb2qnf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2458-0530-43c3-82cb-4f6e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:08.000Z", "modified": "2016-07-19T13:00:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'albany.asn.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2458-f2c0-4022-8421-4c84950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:08.000Z", "modified": "2016-07-19T13:00:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.123.31.81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2458-fbf0-4c55-bab4-489b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:08.000Z", "modified": "2016-07-19T13:00:08.000Z", "description": "download location", "pattern": "[url:value = 'http://alinmaagroup.com/c2baqb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2459-bdf0-4b61-82d9-4c48950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:09.000Z", "modified": "2016-07-19T13:00:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'alinmaagroup.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2459-4364-4892-8c15-4385950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:09.000Z", "modified": "2016-07-19T13:00:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.26.137']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245a-6f10-4d7f-bba2-4f2a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:10.000Z", "modified": "2016-07-19T13:00:10.000Z", "description": "download location", "pattern": "[url:value = 'http://delaemvkusnoe.ru/7lsypth']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245a-2838-4476-9ce7-46ce950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:10.000Z", "modified": "2016-07-19T13:00:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'delaemvkusnoe.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245a-5810-4da0-acfb-42a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:10.000Z", "modified": "2016-07-19T13:00:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.1.129']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245b-09f8-4c58-95a1-4571950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:11.000Z", "modified": "2016-07-19T13:00:11.000Z", "description": "download location", "pattern": "[url:value = 'http://jem-111.com/v5tq6s3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245b-adfc-425c-b079-4fc7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:11.000Z", "modified": "2016-07-19T13:00:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'jem-111.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245c-4f5c-4b28-9c2e-4cb3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:12.000Z", "modified": "2016-07-19T13:00:12.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '153.122.18.175']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245c-7638-4a8c-a95b-4414950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:12.000Z", "modified": "2016-07-19T13:00:12.000Z", "description": "download location", "pattern": "[url:value = 'http://vilalusa.com/33q4i6f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245c-e58c-439d-bf94-4fff950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:12.000Z", "modified": "2016-07-19T13:00:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'vilalusa.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245d-ae6c-42e8-a77b-41b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:13.000Z", "modified": "2016-07-19T13:00:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.197.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245d-1c58-4780-ba82-4679950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:13.000Z", "modified": "2016-07-19T13:00:13.000Z", "description": "download location", "pattern": "[url:value = 'http://moroem.com/n79lv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245d-8fdc-4a53-b030-4c49950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:13.000Z", "modified": "2016-07-19T13:00:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'moroem.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245e-8b20-4bda-bf29-4c7f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:14.000Z", "modified": "2016-07-19T13:00:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.220.1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245e-6e94-49a5-b70c-4bbe950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:14.000Z", "modified": "2016-07-19T13:00:14.000Z", "description": "download location", "pattern": "[url:value = 'http://altadevelopers.com/kacgwe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245f-288c-4474-a4d4-4abd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:15.000Z", "modified": "2016-07-19T13:00:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'altadevelopers.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e245f-f230-4d0f-a6c8-4865950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:15.000Z", "modified": "2016-07-19T13:00:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.248.38']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2460-0094-4a69-a362-4a4a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:16.000Z", "modified": "2016-07-19T13:00:16.000Z", "description": "download location", "pattern": "[url:value = 'http://technobuz.com/05gwngqn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2460-e67c-41e3-8e1d-429a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:16.000Z", "modified": "2016-07-19T13:00:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'technobuz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2461-0420-41b2-ac5e-462f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:17.000Z", "modified": "2016-07-19T13:00:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.142.4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2461-fd40-4e72-86ce-464e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:17.000Z", "modified": "2016-07-19T13:00:17.000Z", "description": "download location", "pattern": "[url:value = 'http://delaemvkusnoe.ru/yr54po27']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2461-5190-4d3a-bce6-4e71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:17.000Z", "modified": "2016-07-19T13:00:17.000Z", "description": "download location", "pattern": "[url:value = 'http://hiramteran.com/qrjna81y']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2462-f0ac-45f6-8dc9-48a5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:18.000Z", "modified": "2016-07-19T13:00:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'hiramteran.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2462-26cc-4f13-ab49-410e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:18.000Z", "modified": "2016-07-19T13:00:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.90.66.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2463-27f8-498c-b7d1-4ffa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:19.000Z", "modified": "2016-07-19T13:00:19.000Z", "description": "download location", "pattern": "[url:value = 'http://versus.uz/ah73wlnz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2463-ec98-44ba-9b38-4041950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:19.000Z", "modified": "2016-07-19T13:00:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'versus.uz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2463-7f1c-4d58-91ff-40f4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:19.000Z", "modified": "2016-07-19T13:00:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.209.128.113']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2464-1a78-441f-8a26-4180950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:20.000Z", "modified": "2016-07-19T13:00:20.000Z", "description": "download location", "pattern": "[url:value = 'http://aerosfera.ru/xmljn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2464-f808-4e19-b51c-4bdc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:20.000Z", "modified": "2016-07-19T13:00:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'aerosfera.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2465-3370-45b4-8981-405f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:21.000Z", "modified": "2016-07-19T13:00:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.1.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2465-9e4c-4cc1-9146-4374950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:21.000Z", "modified": "2016-07-19T13:00:21.000Z", "description": "download location", "pattern": "[url:value = 'http://modulofm.com.br/3ap3qsi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2465-76fc-4188-bd52-474a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:21.000Z", "modified": "2016-07-19T13:00:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'modulofm.com.br']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2466-bb88-44a1-9444-4fba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:00:22.000Z", "modified": "2016-07-19T13:00:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.240.255.40']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:00:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--578e2855-2318-4841-95e1-44ee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:17:09.000Z", "modified": "2016-07-19T13:17:09.000Z", "first_observed": "2016-07-19T13:17:09Z", "last_observed": "2016-07-19T13:17:09Z", "number_observed": 1, "object_refs": [ "email-message--578e2855-2318-4841-95e1-44ee950d210f" ], "labels": [ "misp:type=\"email-subject\"", "misp:category=\"Payload delivery\"" ] }, { "type": "email-message", "spec_version": "2.1", "id": "email-message--578e2855-2318-4841-95e1-44ee950d210f", "is_multipart": false, "subject": "new invoice" }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--578e2871-fd00-4f55-a56b-43c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:17:37.000Z", "modified": "2016-07-19T13:17:37.000Z", "labels": [ "misp:type=\"user-agent\"", "misp:category=\"Payload delivery\"" ], "x_misp_category": "Payload delivery", "x_misp_type": "user-agent", "x_misp_value": "User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b78-57b8-47be-8720-49dc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:32.000Z", "modified": "2016-07-19T13:30:32.000Z", "description": "download location", "pattern": "[url:value = 'http://choogo.net/qisxmdwz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b78-d4f4-4ef4-b816-4fb3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:32.000Z", "modified": "2016-07-19T13:30:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'choogo.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b78-f644-4982-86fd-466f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:32.000Z", "modified": "2016-07-19T13:30:32.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.171.173.157']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b79-1b08-40e6-8b86-4098950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:33.000Z", "modified": "2016-07-19T13:30:33.000Z", "description": "download location", "pattern": "[url:value = 'http://pasadenaoffice.com/431i00cd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b79-2560-4e71-abf4-4449950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:33.000Z", "modified": "2016-07-19T13:30:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'pasadenaoffice.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b79-c344-48e8-bc61-40a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:33.000Z", "modified": "2016-07-19T13:30:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.67.54.86']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b79-a718-43ca-9cd6-4413950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:33.000Z", "modified": "2016-07-19T13:30:33.000Z", "description": "download location", "pattern": "[url:value = 'http://12-land.co.jp/gvkkx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b79-3f58-487d-898b-49cd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:33.000Z", "modified": "2016-07-19T13:30:33.000Z", "description": "download location", "pattern": "[domain-name:value = '12-land.co.jp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2b7a-9184-49b2-af13-498a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:30:34.000Z", "modified": "2016-07-19T13:30:34.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.56.177.76']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:30:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2897-13fc-48c9-a55d-44bf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:15.000Z", "modified": "2016-07-19T13:18:15.000Z", "description": "download location", "pattern": "[url:value = 'http://accendojuris.com/dem3owmx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e2899-8ef8-44c9-97d5-4223950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:17.000Z", "modified": "2016-07-19T13:18:17.000Z", "description": "download location", "pattern": "[url:value = 'http://all-rides.com/m6bobmp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289a-8590-41f3-be1f-430e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:18.000Z", "modified": "2016-07-19T13:18:18.000Z", "description": "download location", "pattern": "[url:value = 'http://anima-centrum.sk/bkcs2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289a-aaa0-4e74-88d0-4826950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:18.000Z", "modified": "2016-07-19T13:18:18.000Z", "description": "download location", "pattern": "[url:value = 'http://bastidoresderondonia.com.br/ww55qzn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289b-c540-4237-8496-4fdb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:19.000Z", "modified": "2016-07-19T13:18:19.000Z", "description": "download location", "pattern": "[url:value = 'http://biovinci.com.br/dl9f0m6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289c-56e8-4a41-a44d-461d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:20.000Z", "modified": "2016-07-19T13:18:20.000Z", "description": "download location", "pattern": "[url:value = 'http://darkhollowcoffee.com/unntj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289c-8a68-4b26-bfb8-44b0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:20.000Z", "modified": "2016-07-19T13:18:20.000Z", "description": "download location", "pattern": "[url:value = 'http://daveshearth.com/f1t14']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289d-68a4-4963-83fc-41cc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:21.000Z", "modified": "2016-07-19T13:18:21.000Z", "description": "download location", "pattern": "[url:value = 'http://dealsbro.com/ptamc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289e-667c-4e74-a9b3-427c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:22.000Z", "modified": "2016-07-19T13:18:22.000Z", "description": "download location", "pattern": "[url:value = 'http://dev.appleleafabstracting.com/j5q4b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e289f-f520-4938-b461-4cdb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:23.000Z", "modified": "2016-07-19T13:18:23.000Z", "description": "download location", "pattern": "[url:value = 'http://dipp.lt/id4e6xcs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a0-6998-4618-8583-47d2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:24.000Z", "modified": "2016-07-19T13:18:24.000Z", "description": "download location", "pattern": "[url:value = 'http://econopaginas.com/33ry5u']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a0-7954-474f-9dab-41d0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:24.000Z", "modified": "2016-07-19T13:18:24.000Z", "description": "download location", "pattern": "[url:value = 'http://ejdadim.com/tzblhuk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a1-ab40-45e0-ad82-464c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:25.000Z", "modified": "2016-07-19T13:18:25.000Z", "description": "download location", "pattern": "[url:value = 'http://heonybaby.synology.me/uydikuo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a2-4d44-469e-bc1c-4268950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:26.000Z", "modified": "2016-07-19T13:18:26.000Z", "description": "download location", "pattern": "[url:value = 'http://ialri.net/wh64xsb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a3-9b60-41b2-942b-47ff950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:27.000Z", "modified": "2016-07-19T13:18:27.000Z", "description": "download location", "pattern": "[url:value = 'http://kveldeil.no/gfk2p']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a4-7aac-4521-ae7e-4a44950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:28.000Z", "modified": "2016-07-19T13:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://litehauzz.com.ng/cxqr03']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a4-db6c-4f6a-82d2-4e66950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:28.000Z", "modified": "2016-07-19T13:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://lkfashions.com/3vkh8fcv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a6-1e88-49c0-8821-4468950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:30.000Z", "modified": "2016-07-19T13:18:30.000Z", "description": "download location", "pattern": "[url:value = 'http://muscleinjuries.com/lqah1guh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a6-58f4-46fe-9d94-4ae7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:30.000Z", "modified": "2016-07-19T13:18:30.000Z", "description": "download location", "pattern": "[url:value = 'http://mylimajai.lt/fkf75fo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a7-5994-422a-8da6-43e7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:31.000Z", "modified": "2016-07-19T13:18:31.000Z", "description": "download location", "pattern": "[url:value = 'http://myphychoice.com/s0ksxt8e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a7-0484-4b97-a948-4d6b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:31.000Z", "modified": "2016-07-19T13:18:31.000Z", "description": "download location", "pattern": "[url:value = 'http://ormanstressrelief.com/lq1z62q']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a8-69fc-48c5-b5ac-4e81950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:32.000Z", "modified": "2016-07-19T13:18:32.000Z", "description": "download location", "pattern": "[url:value = 'http://ostrovokkrasoty.ru/zxaen4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a9-6644-43e7-afb8-4c5e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:33.000Z", "modified": "2016-07-19T13:18:33.000Z", "description": "download location", "pattern": "[url:value = 'http://right-livelihoods.org/uplwj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28a9-1254-463f-a271-45a9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:33.000Z", "modified": "2016-07-19T13:18:33.000Z", "description": "download location", "pattern": "[url:value = 'http://scpremiumbikes.com/53mkzxat']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28aa-5828-4330-b9af-48e2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:34.000Z", "modified": "2016-07-19T13:18:34.000Z", "description": "download location", "pattern": "[url:value = 'http://sitkainvestigations.com/2wmp4g']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28ab-ebf8-4a93-8439-412a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:35.000Z", "modified": "2016-07-19T13:18:35.000Z", "description": "download location", "pattern": "[url:value = 'http://thetestserver.net/kemymr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28ac-76a0-4fb7-9dab-494e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:36.000Z", "modified": "2016-07-19T13:18:36.000Z", "description": "download location", "pattern": "[url:value = 'http://tvernedra.ru/zkca0de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28ac-e028-4b6f-8cc4-4017950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:36.000Z", "modified": "2016-07-19T13:18:36.000Z", "description": "download location", "pattern": "[url:value = 'http://u0086064.cp.regruhosting.ru/hnmbac']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28ad-093c-42d7-9fbc-4129950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:37.000Z", "modified": "2016-07-19T13:18:37.000Z", "description": "download location", "pattern": "[url:value = 'http://ultramarincentr.ru/ihreg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28ae-f094-4d72-ab4c-46fe950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:38.000Z", "modified": "2016-07-19T13:18:38.000Z", "description": "download location", "pattern": "[url:value = 'http://vidonet.es/al268615']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28af-7a84-43b5-aa7a-4fd6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:39.000Z", "modified": "2016-07-19T13:18:39.000Z", "description": "download location", "pattern": "[url:value = 'http://www.thephoneguy.talktalk.net/om8bt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--578e28b0-0828-4ccf-acfa-4723950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-07-19T13:18:40.000Z", "modified": "2016-07-19T13:18:40.000Z", "description": "download location", "pattern": "[url:value = 'http://zuerich-gewerbe.ch/99v85w']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-07-19T13:18:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }