{ "type": "bundle", "id": "bundle--57ee6fdf-1e58-4cbe-8de1-4287950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:27:02.000Z", "modified": "2016-09-30T14:27:02.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57ee6fdf-1e58-4cbe-8de1-4287950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:27:02.000Z", "modified": "2016-09-30T14:27:02.000Z", "name": "Malspam 2016-09-30 (.doc) - campaign: \"Receipt\"", "published": "2016-09-30T14:28:00Z", "object_refs": [ "indicator--57ee6ffa-1ddc-434b-8720-4338950d210f", "indicator--57ee6ffa-2a08-4ec3-9c43-4585950d210f", "indicator--57ee6ffb-538c-427d-a30b-48d3950d210f", "indicator--57ee6ffb-0810-458a-9967-49f3950d210f", "indicator--57ee6ffb-c62c-4eea-8658-4a34950d210f", "indicator--57ee6ffb-0304-4d7e-9e6e-43b1950d210f", "indicator--57ee6ffc-d348-42a4-bf43-4fab950d210f", "indicator--57ee6ffc-3bcc-4da0-bc86-47cc950d210f", "indicator--57ee6ffc-71fc-463b-9bc8-4d9b950d210f", "indicator--57ee6ffc-bdc4-4099-b4c2-4fae950d210f", "indicator--57ee6ffc-d2a4-42de-90d9-4422950d210f", "indicator--57ee6ffd-a134-4095-b0b4-41f1950d210f", "indicator--57ee6ffd-2814-4c91-a1da-4327950d210f", "indicator--57ee6ffd-39a0-4280-9177-45a8950d210f", "indicator--57ee6ffd-7134-4b2a-a2cf-420d950d210f", "indicator--57ee6ffd-1b58-496c-b2ee-4025950d210f", "indicator--57ee6ffe-3498-412a-aed8-40fa950d210f", "indicator--57ee6ffe-ef1c-4d61-87f4-4bd3950d210f", "indicator--57ee6ffe-b390-41a7-8af9-4f13950d210f", "indicator--57ee6ffe-14a4-4554-b815-4bd1950d210f", "indicator--57ee6ffe-8438-46b3-8eed-4122950d210f", "indicator--57ee709e-5f18-464c-8663-47c3950d210f", "indicator--57ee709e-375c-4117-821a-40d9950d210f", "indicator--57ee709e-7d84-4a6e-8423-4586950d210f", "indicator--57ee70e0-66d0-466d-ac0a-484e950d210f", "indicator--57ee70e0-119c-40b2-b147-4c42950d210f", "indicator--57ee70e1-b810-4448-9d49-4a1f950d210f", "indicator--57ee70e1-cf40-4957-94cf-4921950d210f", "indicator--57ee70e1-6328-4680-b109-4e96950d210f", "indicator--57ee70e1-ba18-4c90-a919-402c950d210f", "indicator--57ee7635-36b0-4c93-8065-4a10950d210f", "indicator--57ee7636-8360-4501-9d54-466c950d210f", "indicator--57ee7636-6028-4d42-9d20-460a950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffa-1ddc-434b-8720-4338950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:26.000Z", "modified": "2016-09-30T14:00:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.89.122.236']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffa-2a08-4ec3-9c43-4585950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:26.000Z", "modified": "2016-09-30T14:00:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.250.244.87']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffb-538c-427d-a30b-48d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:27.000Z", "modified": "2016-09-30T14:00:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.87.248.224']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffb-0810-458a-9967-49f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:27.000Z", "modified": "2016-09-30T14:00:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.89.27.246']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffb-c62c-4eea-8658-4a34950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:27.000Z", "modified": "2016-09-30T14:00:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.90.161.195']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffb-0304-4d7e-9e6e-43b1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:27.000Z", "modified": "2016-09-30T14:00:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.220.207.148']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffc-d348-42a4-bf43-4fab950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:28.000Z", "modified": "2016-09-30T14:00:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.25.33.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffc-3bcc-4da0-bc86-47cc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:28.000Z", "modified": "2016-09-30T14:00:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'amerikanservisi.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffc-71fc-463b-9bc8-4d9b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:28.000Z", "modified": "2016-09-30T14:00:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'bantayan.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffc-bdc4-4099-b4c2-4fae950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:28.000Z", "modified": "2016-09-30T14:00:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'bestsourcecode.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffc-d2a4-42de-90d9-4422950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:28.000Z", "modified": "2016-09-30T14:00:28.000Z", "description": "download location", "pattern": "[domain-name:value = 'gomelnaushnik.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffd-a134-4095-b0b4-41f1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:29.000Z", "modified": "2016-09-30T14:00:29.000Z", "description": "download location", "pattern": "[url:value = 'http://amerikanservisi.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffd-2814-4c91-a1da-4327950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:29.000Z", "modified": "2016-09-30T14:00:29.000Z", "description": "download location", "pattern": "[url:value = 'http://bantayan.net/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffd-39a0-4280-9177-45a8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:29.000Z", "modified": "2016-09-30T14:00:29.000Z", "description": "download location", "pattern": "[url:value = 'http://bestsourcecode.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffd-7134-4b2a-a2cf-420d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:29.000Z", "modified": "2016-09-30T14:00:29.000Z", "description": "download location", "pattern": "[url:value = 'http://gomelnaushnik.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffd-1b58-496c-b2ee-4025950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:29.000Z", "modified": "2016-09-30T14:00:29.000Z", "description": "download location", "pattern": "[url:value = 'http://lucianasaliani.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffe-3498-412a-aed8-40fa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:30.000Z", "modified": "2016-09-30T14:00:30.000Z", "description": "download location", "pattern": "[url:value = 'http://mepowell.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffe-ef1c-4d61-87f4-4bd3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:30.000Z", "modified": "2016-09-30T14:00:30.000Z", "description": "download location", "pattern": "[url:value = 'http://teothemes.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffe-b390-41a7-8af9-4f13950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:30.000Z", "modified": "2016-09-30T14:00:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'lucianasaliani.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffe-14a4-4554-b815-4bd1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:30.000Z", "modified": "2016-09-30T14:00:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'mepowell.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee6ffe-8438-46b3-8eed-4122950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:00:30.000Z", "modified": "2016-09-30T14:00:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'teothemes.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:00:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee709e-5f18-464c-8663-47c3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:03:10.000Z", "modified": "2016-09-30T14:03:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.54.115.140']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:03:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee709e-375c-4117-821a-40d9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:03:10.000Z", "modified": "2016-09-30T14:03:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'asknaija.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:03:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee709e-7d84-4a6e-8423-4586950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:03:10.000Z", "modified": "2016-09-30T14:03:10.000Z", "description": "download location", "pattern": "[url:value = 'http://asknaija.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:03:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e0-66d0-466d-ac0a-484e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:16.000Z", "modified": "2016-09-30T14:04:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.51.252']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e0-119c-40b2-b147-4c42950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:16.000Z", "modified": "2016-09-30T14:04:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.20.75.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e1-b810-4448-9d49-4a1f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:17.000Z", "modified": "2016-09-30T14:04:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'b2c-batteries.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e1-cf40-4957-94cf-4921950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:17.000Z", "modified": "2016-09-30T14:04:17.000Z", "description": "download location", "pattern": "[url:value = 'http://b2c-batteries.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e1-6328-4680-b109-4e96950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:17.000Z", "modified": "2016-09-30T14:04:17.000Z", "description": "download location", "pattern": "[url:value = 'http://techsilicon.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee70e1-ba18-4c90-a919-402c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:04:17.000Z", "modified": "2016-09-30T14:04:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'techsilicon.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:04:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee7635-36b0-4c93-8065-4a10950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:27:01.000Z", "modified": "2016-09-30T14:27:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.163.34.60']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:27:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee7636-8360-4501-9d54-466c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:27:02.000Z", "modified": "2016-09-30T14:27:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'activexsearch.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:27:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57ee7636-6028-4d42-9d20-460a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-30T14:27:02.000Z", "modified": "2016-09-30T14:27:02.000Z", "description": "download location", "pattern": "[url:value = 'http://activexsearch.com/021ygs7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-30T14:27:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }