{ "type": "bundle", "id": "bundle--57bc3c97-4468-4077-b757-8d97950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:16.000Z", "modified": "2016-08-23T14:26:16.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57bc3c97-4468-4077-b757-8d97950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:16.000Z", "modified": "2016-08-23T14:26:16.000Z", "name": "Malspam 2016-08-23 (.wsf in .zip) - campaign: \"New voice mail message from [RANDOM]\"", "published": "2016-08-23T14:43:15Z", "object_refs": [ "indicator--57bc3e89-e71c-4c5e-b114-98d8950d210f", "indicator--57bc3e89-5b30-4431-ab98-98d8950d210f", "indicator--57bc3e8a-64c8-4a53-9867-98d8950d210f", "indicator--57bc3e8a-abc8-428d-9a42-98d8950d210f", "indicator--57bc3e8a-fc58-484b-9647-98d8950d210f", "indicator--57bc3e8a-4f94-41db-94e0-98d8950d210f", "indicator--57bc3e8a-3028-4b3a-98b1-98d8950d210f", "indicator--57bc3e8b-c170-40e4-b559-98d8950d210f", "indicator--57bc3e8b-66cc-4bdc-a756-98d8950d210f", "indicator--57bc3e8b-bddc-4789-84f2-98d8950d210f", "indicator--57bc3e8b-d174-4b38-b7f5-98d8950d210f", "indicator--57bc3e8b-1bbc-406c-a6f6-98d8950d210f", "indicator--57bc3e8c-2ec8-4559-8e1a-98d8950d210f", "indicator--57bc3e8c-11e0-44f9-9dd5-98d8950d210f", "indicator--57bc3e8c-436c-4a25-8fd5-98d8950d210f", "indicator--57bc3e8c-f40c-4bef-8083-98d8950d210f", "indicator--57bc3e8d-ae1c-43e6-ac44-98d8950d210f", "indicator--57bc3e8d-3750-4454-9393-98d8950d210f", "indicator--57bc3e8d-f884-43ee-8436-98d8950d210f", "indicator--57bc3e8d-45d0-4e49-8bba-98d8950d210f", "indicator--57bc3e8d-bf08-4963-ba83-98d8950d210f", "indicator--57bc3e8e-5180-46f4-be34-98d8950d210f", "indicator--57bc3e8e-1f7c-4245-bcdb-98d8950d210f", "indicator--57bc3e8e-2e84-4de6-a748-98d8950d210f", "indicator--57bc3e8e-1dcc-408a-89fb-98d8950d210f", "indicator--57bc3e8e-bf40-45d9-897a-98d8950d210f", "indicator--57bc3e8f-8a20-49ef-803b-98d8950d210f", "indicator--57bc3e8f-bdc8-44b9-b302-98d8950d210f", "indicator--57bc3e8f-d69c-4166-acaa-98d8950d210f", "indicator--57bc3e8f-3150-4d34-b584-98d8950d210f", "indicator--57bc3e90-0110-4870-8770-98d8950d210f", "indicator--57bc3e90-5644-44b8-852c-98d8950d210f", "indicator--57bc3e90-21d4-49cf-ac6d-98d8950d210f", "indicator--57bc3e90-6fd4-4779-b4e1-98d8950d210f", "indicator--57bc3e90-d68c-4812-b38d-98d8950d210f", "indicator--57bc3e91-96fc-48df-a6d8-98d8950d210f", "indicator--57bc3e91-a000-400c-a98a-98d8950d210f", "indicator--57bc3e91-9254-43a5-b657-98d8950d210f", "indicator--57bc3e91-4c4c-40e7-a923-98d8950d210f", "indicator--57bc3e91-f0d8-469c-9f69-98d8950d210f", "indicator--57bc3e92-97d0-4a89-9ea5-98d8950d210f", "indicator--57bc3e92-3578-403a-be24-98d8950d210f", "indicator--57bc42f1-5f30-4f32-9c75-5560950d210f", "indicator--57bc42f1-d670-4f50-a45c-5560950d210f", "indicator--57bc42f1-3618-48ce-9582-5560950d210f", "indicator--57bc42f1-410c-46d1-8854-5560950d210f", "indicator--57bc42f2-33d0-4783-b8a6-5560950d210f", "indicator--57bc42f2-fe18-42d1-be2d-5560950d210f", "indicator--57bc42f2-dbb4-42e4-b6eb-5560950d210f", "indicator--57bc42f2-3658-443d-98fa-5560950d210f", "indicator--57bc42f2-88f8-4f27-b301-5560950d210f", "indicator--57bc42f3-a4a0-44b6-b71f-5560950d210f", "indicator--57bc42f3-fdc8-4560-b055-5560950d210f", "indicator--57bc4590-a050-40b0-9fd0-5564950d210f", "indicator--57bc4590-6c68-4db5-91da-5564950d210f", "indicator--57bc4590-dff8-4535-8b00-5564950d210f", "indicator--57bc4591-87c4-4108-af31-5564950d210f", "indicator--57bc4591-bce0-4d76-b077-5564950d210f", "indicator--57bc4591-4f4c-4f72-a132-5564950d210f", "indicator--57bc4591-adf4-46d7-ba14-5564950d210f", "indicator--57bc4591-ae58-4c1a-99ca-5564950d210f", "indicator--57bc4592-0aec-4130-bd6b-5564950d210f", "indicator--57bc5cf8-0698-48a4-9a65-5aec950d210f", "indicator--57bc5cf9-0f04-4b00-8d0c-5aec950d210f", "indicator--57bc5cf9-414c-45eb-a11d-5aec950d210f", "indicator--57bc5cfa-cde4-4f10-88ee-5aec950d210f", "indicator--57bc5cfa-6c80-4d84-b3a2-5aec950d210f", "indicator--57bc5cfb-07c0-4537-a836-5aec950d210f", "indicator--57bc5cfb-a274-49e4-b81e-5aec950d210f", "indicator--57bc5cfc-3340-444f-bd98-5aec950d210f", "indicator--57bc5cfc-e0f4-4213-9a89-5aec950d210f", "indicator--57bc5cfd-9c28-44a5-9617-5aec950d210f", "indicator--57bc5cfd-9f8c-417c-a4e5-5aec950d210f", "indicator--57bc5cfe-7e90-4828-b148-5aec950d210f", "indicator--57bc5cfe-3ec0-429b-8746-5aec950d210f", "indicator--57bc5cff-b79c-4e8e-9099-5aec950d210f", "indicator--57bc5cff-af40-4f8e-88dc-5aec950d210f", "indicator--57bc5d00-7dec-452c-8fe8-5aec950d210f", "indicator--57bc5d00-a9cc-4897-99f1-5aec950d210f", "indicator--57bc5d01-c10c-48e8-80ed-5aec950d210f", "indicator--57bc5d01-bd68-43ba-91af-5aec950d210f", "indicator--57bc5d02-c54c-410e-9a65-5aec950d210f", "indicator--57bc5d02-0938-4c54-9813-5aec950d210f", "indicator--57bc5d03-c188-4b53-ba24-5aec950d210f", "indicator--57bc5d03-9664-435e-a154-5aec950d210f", "indicator--57bc5d04-91b4-4ecb-83dd-5aec950d210f", "indicator--57bc5d04-2588-47c1-a3dc-5aec950d210f", "indicator--57bc5d05-39e0-4e44-ae8a-5aec950d210f", "indicator--57bc5d05-d5c4-412c-a02e-5aec950d210f", "indicator--57bc5d06-54f0-4318-9755-5aec950d210f", "indicator--57bc5d06-a830-4a53-a74a-5aec950d210f", "indicator--57bc5d07-462c-43c3-ac0c-5aec950d210f", "indicator--57bc5d07-0404-4bbe-b6bd-5aec950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e89-e71c-4c5e-b114-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:09.000Z", "modified": "2016-08-23T12:16:09.000Z", "description": "download location", "pattern": "[url:value = 'http://www.bavaria-wein.de/HJghjb54?lBYgXMt=JStxcDsUL']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e89-5b30-4431-ab98-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:09.000Z", "modified": "2016-08-23T12:16:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.bavaria-wein.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8a-64c8-4a53-9867-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:09.000Z", "modified": "2016-08-23T12:16:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.199.0.35']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8a-abc8-428d-9a42-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:10.000Z", "modified": "2016-08-23T12:16:10.000Z", "description": "download location", "pattern": "[url:value = 'http://maj.claas.fr/HJghjb54?nTStkY=KsBazYnqnR']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8a-fc58-484b-9647-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:10.000Z", "modified": "2016-08-23T12:16:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'maj.claas.fr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8a-4f94-41db-94e0-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:10.000Z", "modified": "2016-08-23T12:16:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.247.24.50']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8a-3028-4b3a-98b1-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:10.000Z", "modified": "2016-08-23T12:16:10.000Z", "description": "download location", "pattern": "[url:value = 'http://wannmore.web.fc2.com/HJghjb54?hvfXYMH=WKamGyQQy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8b-c170-40e4-b559-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:11.000Z", "modified": "2016-08-23T12:16:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'wannmore.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8b-66cc-4bdc-a756-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:11.000Z", "modified": "2016-08-23T12:16:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.49']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8b-bddc-4789-84f2-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:11.000Z", "modified": "2016-08-23T12:16:11.000Z", "description": "download location", "pattern": "[url:value = 'http://danzig.vtrbandaancha.net/HJghjb54?wJwCyfFFeL=mutkEEJuH']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8b-d174-4b38-b7f5-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:11.000Z", "modified": "2016-08-23T12:16:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'danzig.vtrbandaancha.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8b-1bbc-406c-a6f6-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:11.000Z", "modified": "2016-08-23T12:16:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.83.4.62']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8c-2ec8-4559-8e1a-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:12.000Z", "modified": "2016-08-23T12:16:12.000Z", "description": "download location", "pattern": "[url:value = 'http://www.automac.it/HJghjb54?lBYgXMt=JStxcDsUL']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8c-11e0-44f9-9dd5-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:12.000Z", "modified": "2016-08-23T12:16:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.automac.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8c-436c-4a25-8fd5-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:12.000Z", "modified": "2016-08-23T12:16:12.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.78.215.76']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8c-f40c-4bef-8083-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:12.000Z", "modified": "2016-08-23T12:16:12.000Z", "description": "download location", "pattern": "[url:value = 'http://koutokukan.web.fc2.com/HJghjb54?nTStkY=KsBazYnqnR']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8d-ae1c-43e6-ac44-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:13.000Z", "modified": "2016-08-23T12:16:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'koutokukan.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8d-3750-4454-9393-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:13.000Z", "modified": "2016-08-23T12:16:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.45']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8d-f884-43ee-8436-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:13.000Z", "modified": "2016-08-23T12:16:13.000Z", "description": "download location", "pattern": "[url:value = 'http://www.cortesidesign.com/HJghjb54?hvfXYMH=WKamGyQQy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8d-45d0-4e49-8bba-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:13.000Z", "modified": "2016-08-23T12:16:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.cortesidesign.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8d-bf08-4963-ba83-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:13.000Z", "modified": "2016-08-23T12:16:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8e-5180-46f4-be34-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:14.000Z", "modified": "2016-08-23T12:16:14.000Z", "description": "download location", "pattern": "[url:value = 'http://xa6480.xa6.serverdomain.org/HJghjb54?wJwCyfFFeL=mutkEEJuH']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8e-1f7c-4245-bcdb-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:14.000Z", "modified": "2016-08-23T12:16:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'xa6480.xa6.serverdomain.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8e-2e84-4de6-a748-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:14.000Z", "modified": "2016-08-23T12:16:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.107.186.40']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8e-1dcc-408a-89fb-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:14.000Z", "modified": "2016-08-23T12:16:14.000Z", "description": "download location", "pattern": "[url:value = 'http://zikunoana.houkou-onchi.com/HJghjb54?nTStkY=KsBazYnqnR']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8e-bf40-45d9-897a-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:14.000Z", "modified": "2016-08-23T12:16:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'zikunoana.houkou-onchi.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8f-8a20-49ef-803b-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:15.000Z", "modified": "2016-08-23T12:16:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8f-bdc8-44b9-b302-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:15.000Z", "modified": "2016-08-23T12:16:15.000Z", "description": "download location", "pattern": "[url:value = 'http://www.meallservice.it/HJghjb54?hvfXYMH=WKamGyQQy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8f-d69c-4166-acaa-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:15.000Z", "modified": "2016-08-23T12:16:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.meallservice.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e8f-3150-4d34-b584-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:15.000Z", "modified": "2016-08-23T12:16:15.000Z", "description": "download location", "pattern": "[url:value = 'http://www.ladymusic.it/HJghjb54?wJwCyfFFeL=mutkEEJuH']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e90-0110-4870-8770-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:16.000Z", "modified": "2016-08-23T12:16:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.ladymusic.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e90-5644-44b8-852c-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:16.000Z", "modified": "2016-08-23T12:16:16.000Z", "description": "download location", "pattern": "[url:value = 'http://www.bavaria-wein.de/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e90-21d4-49cf-ac6d-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:16.000Z", "modified": "2016-08-23T12:16:16.000Z", "description": "download location", "pattern": "[url:value = 'http://maj.claas.fr/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e90-6fd4-4779-b4e1-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:16.000Z", "modified": "2016-08-23T12:16:16.000Z", "description": "download location", "pattern": "[url:value = 'http://wannmore.web.fc2.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e90-d68c-4812-b38d-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:16.000Z", "modified": "2016-08-23T12:16:16.000Z", "description": "download location", "pattern": "[url:value = 'http://danzig.vtrbandaancha.net/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e91-96fc-48df-a6d8-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:17.000Z", "modified": "2016-08-23T12:16:17.000Z", "description": "download location", "pattern": "[url:value = 'http://www.automac.it/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e91-a000-400c-a98a-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:17.000Z", "modified": "2016-08-23T12:16:17.000Z", "description": "download location", "pattern": "[url:value = 'http://koutokukan.web.fc2.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e91-9254-43a5-b657-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:17.000Z", "modified": "2016-08-23T12:16:17.000Z", "description": "download location", "pattern": "[url:value = 'http://www.cortesidesign.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e91-4c4c-40e7-a923-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:17.000Z", "modified": "2016-08-23T12:16:17.000Z", "description": "download location", "pattern": "[url:value = 'http://xa6480.xa6.serverdomain.org/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e91-f0d8-469c-9f69-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:17.000Z", "modified": "2016-08-23T12:16:17.000Z", "description": "download location", "pattern": "[url:value = 'http://zikunoana.houkou-onchi.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e92-97d0-4a89-9ea5-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:18.000Z", "modified": "2016-08-23T12:16:18.000Z", "description": "download location", "pattern": "[url:value = 'http://www.meallservice.it/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc3e92-3578-403a-be24-98d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:16:18.000Z", "modified": "2016-08-23T12:16:18.000Z", "description": "download location", "pattern": "[url:value = 'http://www.ladymusic.it/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:16:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f1-5f30-4f32-9c75-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:57.000Z", "modified": "2016-08-23T12:34:57.000Z", "description": "download location", "pattern": "[url:value = 'http://www.impresadeambrosis.it/HJghjb54?kppodMyl=aWbiqiVOY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f1-d670-4f50-a45c-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:57.000Z", "modified": "2016-08-23T12:34:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.impresadeambrosis.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f1-3618-48ce-9582-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:57.000Z", "modified": "2016-08-23T12:34:57.000Z", "description": "download location", "pattern": "[url:value = 'http://mgotto.homepage.t-online.de/HJghjb54?kppodMyl=aWbiqiVOY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f1-410c-46d1-8854-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:57.000Z", "modified": "2016-08-23T12:34:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'mgotto.homepage.t-online.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f2-33d0-4783-b8a6-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:58.000Z", "modified": "2016-08-23T12:34:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.138']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f2-fe18-42d1-be2d-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:58.000Z", "modified": "2016-08-23T12:34:58.000Z", "description": "download location", "pattern": "[url:value = 'http://www.scio-wellness.com/HJghjb54?kppodMyl=aWbiqiVOY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f2-dbb4-42e4-b6eb-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:58.000Z", "modified": "2016-08-23T12:34:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.scio-wellness.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f2-3658-443d-98fa-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:58.000Z", "modified": "2016-08-23T12:34:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.85.249.130']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f2-88f8-4f27-b301-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:58.000Z", "modified": "2016-08-23T12:34:58.000Z", "description": "download location", "pattern": "[url:value = 'http://www.impresadeambrosis.it/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f3-a4a0-44b6-b71f-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:59.000Z", "modified": "2016-08-23T12:34:59.000Z", "description": "download location", "pattern": "[url:value = 'http://mgotto.homepage.t-online.de/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc42f3-fdc8-4560-b055-5560950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:34:59.000Z", "modified": "2016-08-23T12:34:59.000Z", "description": "download location", "pattern": "[url:value = 'http://www.scio-wellness.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:34:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4590-a050-40b0-9fd0-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:08.000Z", "modified": "2016-08-23T12:46:08.000Z", "description": "download location", "pattern": "[url:value = 'http://vimp.hi2.ro/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4590-6c68-4db5-91da-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:08.000Z", "modified": "2016-08-23T12:46:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'vimp.hi2.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4590-dff8-4535-8b00-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:08.000Z", "modified": "2016-08-23T12:46:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.42.39.81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4591-87c4-4108-af31-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:09.000Z", "modified": "2016-08-23T12:46:09.000Z", "description": "download location", "pattern": "[url:value = 'http://swapairplaneplans.50webs.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4591-bce0-4d76-b077-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:09.000Z", "modified": "2016-08-23T12:46:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'swapairplaneplans.50webs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4591-4f4c-4f72-a132-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:09.000Z", "modified": "2016-08-23T12:46:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.84']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4591-adf4-46d7-ba14-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:09.000Z", "modified": "2016-08-23T12:46:09.000Z", "description": "download location", "pattern": "[url:value = 'http://hokama.web.fc2.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4591-ae58-4c1a-99ca-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:09.000Z", "modified": "2016-08-23T12:46:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'hokama.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc4592-0aec-4130-bd6b-5564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T12:46:10.000Z", "modified": "2016-08-23T12:46:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T12:46:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cf8-0698-48a4-9a65-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:00.000Z", "modified": "2016-08-23T14:26:00.000Z", "description": "download location", "pattern": "[url:value = 'http://www.impresadeambrosis.it/HJghjb54?yMKpFID=grfXAoX']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cf9-0f04-4b00-8d0c-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:01.000Z", "modified": "2016-08-23T14:26:01.000Z", "description": "download location", "pattern": "[url:value = 'http://www.informaonline.org/HJghjb54?EVIIlvN=HNfoplP']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cf9-414c-45eb-a11d-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:01.000Z", "modified": "2016-08-23T14:26:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.informaonline.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfa-cde4-4f10-88ee-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:02.000Z", "modified": "2016-08-23T14:26:02.000Z", "description": "download location", "pattern": "[url:value = 'http://www.impresadeambrosis.it/HJghjb54?fQDMfCSrP=cVSuDUJmCY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfa-6c80-4d84-b3a2-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:02.000Z", "modified": "2016-08-23T14:26:02.000Z", "description": "download location", "pattern": "[url:value = 'http://wannmore.web.fc2.com/HJghjb54?twauFI=OOeQBhIeTQ']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfb-07c0-4537-a836-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:03.000Z", "modified": "2016-08-23T14:26:03.000Z", "description": "download location", "pattern": "[url:value = 'http://maj.claas.fr/HJghjb54?fBRsLNIlT=FqwuFpRf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfb-a274-49e4-b81e-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:03.000Z", "modified": "2016-08-23T14:26:03.000Z", "description": "download location", "pattern": "[url:value = 'http://maj.claas.fr/HJghjb54?qikdtjRP=FssCFJT']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfc-3340-444f-bd98-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:04.000Z", "modified": "2016-08-23T14:26:04.000Z", "description": "download location", "pattern": "[url:value = 'http://backyard004.web.fc2.com/HJghjb54?yMKpFID=grfXAoX']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfc-e0f4-4213-9a89-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:04.000Z", "modified": "2016-08-23T14:26:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'backyard004.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfd-9c28-44a5-9617-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:05.000Z", "modified": "2016-08-23T14:26:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.40']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfd-9f8c-417c-a4e5-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:05.000Z", "modified": "2016-08-23T14:26:05.000Z", "description": "download location", "pattern": "[url:value = 'http://mgotto.homepage.t-online.de/HJghjb54?EVIIlvN=HNfoplP']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfe-7e90-4828-b148-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:06.000Z", "modified": "2016-08-23T14:26:06.000Z", "description": "download location", "pattern": "[url:value = 'http://swapairplaneplans.50webs.com/HJghjb54?fQDMfCSrP=cVSuDUJmCY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cfe-3ec0-429b-8746-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:06.000Z", "modified": "2016-08-23T14:26:06.000Z", "description": "download location", "pattern": "[url:value = 'http://mgotto.homepage.t-online.de/HJghjb54?twauFI=OOeQBhIeTQ']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cff-b79c-4e8e-9099-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:07.000Z", "modified": "2016-08-23T14:26:07.000Z", "description": "download location", "pattern": "[url:value = 'http://backyard004.web.fc2.com/HJghjb54?fBRsLNIlT=FqwuFpRf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5cff-af40-4f8e-88dc-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:07.000Z", "modified": "2016-08-23T14:26:07.000Z", "description": "download location", "pattern": "[url:value = 'http://mgotto.homepage.t-online.de/HJghjb54?qikdtjRP=FssCFJT']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d00-7dec-452c-8fe8-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:08.000Z", "modified": "2016-08-23T14:26:08.000Z", "description": "download location", "pattern": "[url:value = 'http://www.scio-wellness.com/HJghjb54?yMKpFID=grfXAoX']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d00-a9cc-4897-99f1-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:08.000Z", "modified": "2016-08-23T14:26:08.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fcgdansk36.republika.pl/HJghjb54?EVIIlvN=HNfoplP']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d01-c10c-48e8-80ed-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:09.000Z", "modified": "2016-08-23T14:26:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.fcgdansk36.republika.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d01-bd68-43ba-91af-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:09.000Z", "modified": "2016-08-23T14:26:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.180.150.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d02-c54c-410e-9a65-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:10.000Z", "modified": "2016-08-23T14:26:10.000Z", "description": "download location", "pattern": "[url:value = 'http://hojkov.unas.cz/HJghjb54?fQDMfCSrP=cVSuDUJmCY']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d02-0938-4c54-9813-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:10.000Z", "modified": "2016-08-23T14:26:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'hojkov.unas.cz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d03-c188-4b53-ba24-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:11.000Z", "modified": "2016-08-23T14:26:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.64.219.7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d03-9664-435e-a154-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:11.000Z", "modified": "2016-08-23T14:26:11.000Z", "description": "download location", "pattern": "[url:value = 'http://zikunoana.houkou-onchi.com/HJghjb54?twauFI=OOeQBhIeTQ']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d04-91b4-4ecb-83dd-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:12.000Z", "modified": "2016-08-23T14:26:12.000Z", "description": "download location", "pattern": "[url:value = 'http://www.ladymusic.it/HJghjb54?fBRsLNIlT=FqwuFpRf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d04-2588-47c1-a3dc-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:12.000Z", "modified": "2016-08-23T14:26:12.000Z", "description": "download location", "pattern": "[url:value = 'http://www.alessandrocangiano.com/HJghjb54?qikdtjRP=FssCFJT']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d05-39e0-4e44-ae8a-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:13.000Z", "modified": "2016-08-23T14:26:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.alessandrocangiano.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d05-d5c4-412c-a02e-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:13.000Z", "modified": "2016-08-23T14:26:13.000Z", "description": "download location", "pattern": "[url:value = 'http://www.informaonline.org/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d06-54f0-4318-9755-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:14.000Z", "modified": "2016-08-23T14:26:14.000Z", "description": "download location", "pattern": "[url:value = 'http://backyard004.web.fc2.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d06-a830-4a53-a74a-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:14.000Z", "modified": "2016-08-23T14:26:14.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fcgdansk36.republika.pl/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d07-462c-43c3-ac0c-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:15.000Z", "modified": "2016-08-23T14:26:15.000Z", "description": "download location", "pattern": "[url:value = 'http://hojkov.unas.cz/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bc5d07-0404-4bbe-b6bd-5aec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-23T14:26:15.000Z", "modified": "2016-08-23T14:26:15.000Z", "description": "download location", "pattern": "[url:value = 'http://www.alessandrocangiano.com/HJghjb54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-23T14:26:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }