{ "type": "bundle", "id": "bundle--57ee144e-ad24-4175-ba0e-4943950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:54.000Z", "modified": "2016-09-30T07:29:54.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57ee144e-ad24-4175-ba0e-4943950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:54.000Z", "modified": "2016-09-30T07:29:54.000Z", "name": "Malspam 2016-09-30 (.wsf in .zip) - campaign: \"Emailing\"", "published": "2016-09-30T07:48:31Z", "object_refs": [ "indicator--57ee1468-cffc-413d-8a9e-4b5b950d210f", "indicator--57ee1468-7684-4310-b09a-48c8950d210f", "indicator--57ee1468-5610-47ac-8a71-45f7950d210f", "indicator--57ee1469-57e8-466e-a028-4e1e950d210f", "indicator--57ee1469-b690-49f8-901c-4cb3950d210f", "indicator--57ee1469-5db8-4f6a-b81b-4b38950d210f", "indicator--57ee1469-8704-477f-a7ed-47c0950d210f", "indicator--57ee1469-069c-44e9-a17a-4e0a950d210f", "indicator--57ee146a-4738-4889-9772-4e0d950d210f", "indicator--57ee146a-5128-49cc-9d68-4f70950d210f", "indicator--57ee146a-78d4-4582-8c14-4d14950d210f", "indicator--57ee146a-8b1c-4886-9359-4098950d210f", "indicator--57ee146b-dcc8-44f9-a106-4ebf950d210f", "indicator--57ee146b-3978-4631-b186-410f950d210f", "indicator--57ee146b-9f64-43d1-8893-4d60950d210f", "indicator--57ee146b-9de0-4efe-96c5-4dde950d210f", "indicator--57ee146b-33a0-4ba6-a73d-4147950d210f", "indicator--57ee146c-823c-4610-90ea-4ec1950d210f", "indicator--57ee146c-8f80-46ec-b584-4f44950d210f", "indicator--57ee146c-c5a0-44e4-b27d-494d950d210f", "indicator--57ee146c-7cc4-43e4-937a-4f7b950d210f", "indicator--57ee146d-9718-47a8-b47d-4d7b950d210f", "indicator--57ee146d-2780-4a9b-a234-428a950d210f", "indicator--57ee146d-a9bc-4ae8-8541-4e49950d210f", "indicator--57ee146d-d528-40ad-aa71-4358950d210f", "indicator--57ee146d-1f24-4e8d-82ee-4d42950d210f", "indicator--57ee146e-b41c-4771-86b0-46ab950d210f", "indicator--57ee146e-1de4-4c52-a713-4e0a950d210f", "indicator--57ee146e-320c-4a1c-9ccd-4551950d210f", "indicator--57ee146e-08b4-4612-a818-46a7950d210f", "indicator--57ee146f-852c-48c7-9b9a-4cdd950d210f", "indicator--57ee146f-b82c-44cb-80d5-43f7950d210f", "indicator--57ee146f-a2d4-4105-8f3a-42f3950d210f", "indicator--57ee146f-010c-4094-a38f-4233950d210f", "indicator--57ee146f-a1dc-4db1-8b4b-442b950d210f", "indicator--57ee1470-ef6c-4498-9549-48aa950d210f", "indicator--57ee1470-dd3c-4868-a144-4af2950d210f", "indicator--57ee1470-47a8-4fe4-a1f4-4725950d210f", "indicator--57ee1470-18bc-4b3c-989b-4bbd950d210f", "indicator--57ee1470-206c-4db3-81e1-43ec950d210f", "indicator--57ee1471-6b64-4b73-b512-452d950d210f", "indicator--57ee1471-3cd8-4220-9ab9-40f9950d210f", "indicator--57ee1471-1658-4ac4-8530-4f72950d210f", "indicator--57ee1471-5b84-486d-b683-4107950d210f", "indicator--57ee1471-1538-4e59-a391-49bd950d210f", "indicator--57ee1472-356c-44e8-a795-431e950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1468-cffc-413d-8a9e-4b5b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:44.000Z", "modified": "2016-09-30T07:29:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.28.6.177']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1468-7684-4310-b09a-48c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:44.000Z", "modified": "2016-09-30T07:29:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.114.89.240']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1468-5610-47ac-8a71-45f7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:44.000Z", "modified": "2016-09-30T07:29:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.254.28.107']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1469-57e8-466e-a028-4e1e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:45.000Z", "modified": "2016-09-30T07:29:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.253.236.10']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1469-b690-49f8-901c-4cb3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:45.000Z", "modified": "2016-09-30T07:29:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.54.115.140']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1469-5db8-4f6a-b81b-4b38950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:45.000Z", "modified": "2016-09-30T07:29:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.140.192.124']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1469-8704-477f-a7ed-47c0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:45.000Z", "modified": "2016-09-30T07:29:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.46.129.210']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1469-069c-44e9-a17a-4e0a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:45.000Z", "modified": "2016-09-30T07:29:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.213.149']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146a-4738-4889-9772-4e0d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:46.000Z", "modified": "2016-09-30T07:29:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.90.54.5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146a-5128-49cc-9d68-4f70950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:46.000Z", "modified": "2016-09-30T07:29:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.87.248.224']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146a-78d4-4582-8c14-4d14950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:46.000Z", "modified": "2016-09-30T07:29:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.8.203.224']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146a-8b1c-4886-9359-4098950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:46.000Z", "modified": "2016-09-30T07:29:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.84.69.75']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146b-dcc8-44f9-a106-4ebf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:47.000Z", "modified": "2016-09-30T07:29:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.20.75.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146b-3978-4631-b186-410f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:47.000Z", "modified": "2016-09-30T07:29:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.89.22.245']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146b-9f64-43d1-8893-4d60950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:47.000Z", "modified": "2016-09-30T07:29:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.220.207.148']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146b-9de0-4efe-96c5-4dde950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:47.000Z", "modified": "2016-09-30T07:29:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.118.45.12']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146b-33a0-4ba6-a73d-4147950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:47.000Z", "modified": "2016-09-30T07:29:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'allinfo.xyz.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146c-823c-4610-90ea-4ec1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:48.000Z", "modified": "2016-09-30T07:29:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'asknaija.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146c-8f80-46ec-b584-4f44950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:48.000Z", "modified": "2016-09-30T07:29:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'autokover.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146c-c5a0-44e4-b27d-494d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:48.000Z", "modified": "2016-09-30T07:29:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'ayobuy.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146c-7cc4-43e4-937a-4f7b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:48.000Z", "modified": "2016-09-30T07:29:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'b2c-batteries.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146d-9718-47a8-b47d-4d7b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:49.000Z", "modified": "2016-09-30T07:29:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'badimalik.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146d-2780-4a9b-a234-428a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:49.000Z", "modified": "2016-09-30T07:29:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'banquetesycoctelesfsf.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146d-a9bc-4ae8-8541-4e49950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:49.000Z", "modified": "2016-09-30T07:29:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'bantayan.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146d-d528-40ad-aa71-4358950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:49.000Z", "modified": "2016-09-30T07:29:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'bestsourcecode.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146d-1f24-4e8d-82ee-4d42950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:49.000Z", "modified": "2016-09-30T07:29:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'bj-fzwb.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146e-b41c-4771-86b0-46ab950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:50.000Z", "modified": "2016-09-30T07:29:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'bjjmmt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146e-1de4-4c52-a713-4e0a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:50.000Z", "modified": "2016-09-30T07:29:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'bladeandsoultr.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146e-320c-4a1c-9ccd-4551950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:50.000Z", "modified": "2016-09-30T07:29:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'bobernichow.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146e-08b4-4612-a818-46a7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:50.000Z", "modified": "2016-09-30T07:29:50.000Z", "description": "download location", "pattern": "[url:value = 'http://allinfo.xyz.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146f-852c-48c7-9b9a-4cdd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:51.000Z", "modified": "2016-09-30T07:29:51.000Z", "description": "download location", "pattern": "[url:value = 'http://asknaija.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146f-b82c-44cb-80d5-43f7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:51.000Z", "modified": "2016-09-30T07:29:51.000Z", "description": "download location", "pattern": "[url:value = 'http://autokover.ru/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146f-a2d4-4105-8f3a-42f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:51.000Z", "modified": "2016-09-30T07:29:51.000Z", "description": "download location", "pattern": "[url:value = 'http://ayobuy.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146f-010c-4094-a38f-4233950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:51.000Z", "modified": "2016-09-30T07:29:51.000Z", "description": "download location", "pattern": "[url:value = 'http://b2c-batteries.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee146f-a1dc-4db1-8b4b-442b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:51.000Z", "modified": "2016-09-30T07:29:51.000Z", "description": "download location", "pattern": "[url:value = 'http://badimalik.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1470-ef6c-4498-9549-48aa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:52.000Z", "modified": "2016-09-30T07:29:52.000Z", "description": "download location", "pattern": "[url:value = 'http://banquetesycoctelesfsf.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1470-dd3c-4868-a144-4af2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:52.000Z", "modified": "2016-09-30T07:29:52.000Z", "description": "download location", "pattern": "[url:value = 'http://bantayan.net/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1470-47a8-4fe4-a1f4-4725950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:52.000Z", "modified": "2016-09-30T07:29:52.000Z", "description": "download location", "pattern": "[url:value = 'http://bestsourcecode.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1470-18bc-4b3c-989b-4bbd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:52.000Z", "modified": "2016-09-30T07:29:52.000Z", "description": "download location", "pattern": "[url:value = 'http://bj-fzwb.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1470-206c-4db3-81e1-43ec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:52.000Z", "modified": "2016-09-30T07:29:52.000Z", "description": "download location", "pattern": "[url:value = 'http://bjjmmt.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1471-6b64-4b73-b512-452d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:53.000Z", "modified": "2016-09-30T07:29:53.000Z", "description": "download location", "pattern": "[url:value = 'http://bladeandsoultr.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1471-3cd8-4220-9ab9-40f9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:53.000Z", "modified": "2016-09-30T07:29:53.000Z", "description": "download location", "pattern": "[url:value = 'http://bobernichow.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1471-1658-4ac4-8530-4f72950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:53.000Z", "modified": "2016-09-30T07:29:53.000Z", "description": "download location", "pattern": "[url:value = 'http://kashira.potolki.bz/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1471-5b84-486d-b683-4107950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:53.000Z", "modified": "2016-09-30T07:29:53.000Z", "description": "download location", "pattern": "[url:value = 'http://shuspong.com/938fhnr3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1471-1538-4e59-a391-49bd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:53.000Z", "modified": "2016-09-30T07:29:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'kashira.potolki.bz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee1472-356c-44e8-a795-431e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T07:29:54.000Z", "modified": "2016-09-30T07:29:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'shuspong.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T07:29:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }