{ "type": "bundle", "id": "bundle--5847c9b1-9114-4e0c-afe8-d9c6950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:11.000Z", "modified": "2016-12-07T08:37:11.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5847c9b1-9114-4e0c-afe8-d9c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:11.000Z", "modified": "2016-12-07T08:37:11.000Z", "name": "Malspam 2016-12-07 (.js in .zip) - campaign: \"receipt\"", "published": "2016-12-07T08:38:23Z", "object_refs": [ "indicator--5847ca0d-67b0-460a-b82d-d9c2950d210f", "indicator--5847ca0e-287c-4998-b731-d9c2950d210f", "indicator--5847ca0e-e5f0-4eec-9c48-d9c2950d210f", "indicator--5847ca0e-693c-412d-afd6-d9c2950d210f", "indicator--5847ca0e-da34-4187-a393-d9c2950d210f", "indicator--5847ca0f-5ca0-4429-9abf-d9c2950d210f", "indicator--5847ca0f-7d50-414a-a6fe-d9c2950d210f", "indicator--5847ca0f-afa4-4c08-98c5-d9c2950d210f", "indicator--5847ca0f-8ab4-4f14-b869-d9c2950d210f", "indicator--5847ca0f-5298-4701-930c-d9c2950d210f", "indicator--5847ca10-5044-4255-acb0-d9c2950d210f", "indicator--5847ca10-107c-4036-a3e1-d9c2950d210f", "indicator--5847ca10-3c7c-4c13-877a-d9c2950d210f", "indicator--5847ca10-55ec-4fd9-9420-d9c2950d210f", "indicator--5847ca11-a758-48fd-8788-d9c2950d210f", "indicator--5847ca11-a38c-41e2-918b-d9c2950d210f", "indicator--5847ca11-b650-4e8a-969f-d9c2950d210f", "indicator--5847ca11-a568-4e21-92a8-d9c2950d210f", "indicator--5847ca11-a0ec-4550-82ce-d9c2950d210f", "indicator--5847ca12-1b9c-470d-9c3d-d9c2950d210f", "indicator--5847ca12-e474-4ab3-9151-d9c2950d210f", "indicator--5847ca12-73c4-4f55-ab89-d9c2950d210f", "indicator--5847ca12-7bd4-4ee9-a32a-d9c2950d210f", "indicator--5847ca13-3f10-49c4-872e-d9c2950d210f", "indicator--5847ca13-4de0-41ec-9919-d9c2950d210f", "indicator--5847ca13-479c-4f96-a6b8-d9c2950d210f", "indicator--5847ca13-fe0c-4e96-b662-d9c2950d210f", "indicator--5847ca14-bb48-48e2-8485-d9c2950d210f", "indicator--5847ca14-0c64-4f7c-901d-d9c2950d210f", "indicator--5847ca14-36c0-46b2-bc2b-d9c2950d210f", "indicator--5847ca14-d45c-447a-a914-d9c2950d210f", "indicator--5847ca15-89b8-4113-980c-d9c2950d210f", "indicator--5847ca15-2408-4768-8263-d9c2950d210f", "indicator--5847ca15-f51c-4e22-b7e7-d9c2950d210f", "indicator--5847ca15-dfa4-46de-9747-d9c2950d210f", "indicator--5847ca16-80b4-47fe-afe1-d9c2950d210f", "indicator--5847ca16-183c-477c-baf4-d9c2950d210f", "indicator--5847ca16-3404-4e52-8954-d9c2950d210f", "indicator--5847ca16-9464-4b0d-949a-d9c2950d210f", "indicator--5847ca17-55f4-40df-9b73-d9c2950d210f", "indicator--5847ca17-3780-47bc-8e9f-d9c2950d210f", "indicator--5847ca17-1418-40d0-99e9-d9c2950d210f", "indicator--5847ca17-9784-405a-82b9-d9c2950d210f", "indicator--5847ca18-0ff8-401c-9719-d9c2950d210f", "indicator--5847ca18-e058-4257-a072-d9c2950d210f", "indicator--5847ca18-8d08-4068-a2fd-d9c2950d210f", "indicator--5847ca18-03bc-44bb-836c-d9c2950d210f", "indicator--5847ca19-6f9c-4a75-aa3a-d9c2950d210f", "indicator--5847ca19-3bcc-4a53-95a3-d9c2950d210f", "indicator--5847ca19-2374-4c3d-8526-d9c2950d210f", "indicator--5847ca19-64b8-42f0-896d-d9c2950d210f", "indicator--5847ca1a-16d8-4472-9bf8-d9c2950d210f", "indicator--5847ca1a-992c-4776-b788-d9c2950d210f", "indicator--5847ca1a-c410-4616-be83-d9c2950d210f", "indicator--5847ca1a-10d4-4470-9424-d9c2950d210f", "indicator--5847ca1a-feb0-4989-b347-d9c2950d210f", "indicator--5847ca1b-0d80-45f8-9523-d9c2950d210f", "indicator--5847ca1b-a69c-4a4d-afce-d9c2950d210f", "indicator--5847ca1b-eae0-41d0-ba8b-d9c2950d210f", "indicator--5847ca1b-0a3c-4676-949b-d9c2950d210f", "indicator--5847ca1c-e36c-4274-b326-d9c2950d210f", "indicator--5847ca1c-5f14-4ab6-9780-d9c2950d210f", "indicator--5847ca1c-325c-4f3f-b2b9-d9c2950d210f", "indicator--5847ca1c-a68c-4a62-b572-d9c2950d210f", "indicator--5847ca1d-b9e8-45b7-bec8-d9c2950d210f", "indicator--5847ca1d-9b54-414f-916e-d9c2950d210f", "indicator--5847ca1d-e710-434a-aa66-d9c2950d210f", "indicator--5847ca1d-a8c4-4fb0-a1ba-d9c2950d210f", "indicator--5847ca1d-3f2c-4357-a651-d9c2950d210f", "indicator--5847ca1e-a20c-43c1-b0d3-d9c2950d210f", "indicator--5847ca1e-97bc-4925-86f3-d9c2950d210f", "indicator--5847ca1e-3de8-4532-b29c-d9c2950d210f", "indicator--5847ca1e-d204-4bbc-bb70-d9c2950d210f", "indicator--5847ca1f-58ac-476f-ae56-d9c2950d210f", "indicator--5847ca1f-cf70-48f8-89c7-d9c2950d210f", "indicator--5847ca1f-f688-4d42-bd5f-d9c2950d210f", "indicator--5847ca1f-57dc-4f84-a787-d9c2950d210f", "indicator--5847ca20-4480-4797-ac9f-d9c2950d210f", "indicator--5847ca20-d394-43c1-a0f5-d9c2950d210f", "indicator--5847ca20-2380-43f5-9aa4-d9c2950d210f", "indicator--5847ca20-36e4-430d-894e-d9c2950d210f", "indicator--5847ca20-dd1c-455d-ab66-d9c2950d210f", "indicator--5847ca21-7a54-4a02-a4a3-d9c2950d210f", "indicator--5847ca21-b2f4-4863-8ed2-d9c2950d210f", "indicator--5847ca21-5578-4135-bc1e-d9c2950d210f", "indicator--5847ca21-80e4-454d-ba04-d9c2950d210f", "indicator--5847ca22-3774-4c8f-aaa9-d9c2950d210f", "indicator--5847ca22-8090-4ad1-9716-d9c2950d210f", "indicator--5847ca22-f880-475b-a038-d9c2950d210f", "indicator--5847ca22-c310-4065-84cd-d9c2950d210f", "indicator--5847ca22-66d0-42ef-82e6-d9c2950d210f", "indicator--5847ca23-fe54-402d-b1a6-d9c2950d210f", "indicator--5847ca23-d49c-4b84-b06f-d9c2950d210f", "indicator--5847ca23-b794-4e9a-9f0e-d9c2950d210f", "indicator--5847ca23-ffac-4108-83eb-d9c2950d210f", "indicator--5847ca24-cea8-4058-8bd5-d9c2950d210f", "indicator--5847ca24-30cc-4e66-9840-d9c2950d210f", "indicator--5847ca24-e404-4d0b-82c7-d9c2950d210f", "indicator--5847ca24-6168-4ff4-84e5-d9c2950d210f", "indicator--5847ca25-3a58-44c2-8602-d9c2950d210f", "indicator--5847ca25-4160-41ae-8a84-d9c2950d210f", "indicator--5847ca25-7a5c-4a2c-82d5-d9c2950d210f", "indicator--5847ca25-e018-4f3d-a991-d9c2950d210f", "indicator--5847ca25-0c20-4870-a6e0-d9c2950d210f", "indicator--5847ca26-b0ac-488d-8b80-d9c2950d210f", "indicator--5847ca26-3bf8-48f9-884e-d9c2950d210f", "indicator--5847ca26-e208-4f90-9654-d9c2950d210f", "indicator--5847ca26-f4e8-4ece-9d71-d9c2950d210f", "indicator--5847ca27-1148-497c-baee-d9c2950d210f", "indicator--5847ca27-e880-4ded-8c74-d9c2950d210f", "indicator--5847ca27-c790-404d-94aa-d9c2950d210f", "indicator--5847ca27-9424-4c71-bd9e-d9c2950d210f", "indicator--5847ca27-eacc-416c-9c57-d9c2950d210f", "indicator--5847ca28-1004-43a3-882c-d9c2950d210f", "indicator--5847ca28-4540-4a1e-b290-d9c2950d210f", "indicator--5847ca28-6404-4324-b3f3-d9c2950d210f", "indicator--5847ca29-da4c-4f1f-b657-d9c2950d210f", "indicator--5847ca29-368c-4c03-98f3-d9c2950d210f", "indicator--5847ca29-2a6c-4d9a-813f-d9c2950d210f", "indicator--5847ca29-5e58-4a46-9aea-d9c2950d210f", "indicator--5847ca2a-19d0-45a5-aff4-d9c2950d210f", "indicator--5847ca2a-7540-47f6-a652-d9c2950d210f", "indicator--5847ca2a-8118-4453-84a2-d9c2950d210f", "indicator--5847ca2a-2638-4cb2-a95a-d9c2950d210f", "indicator--5847ca2b-8360-4865-9f52-d9c2950d210f", "indicator--5847ca2b-55fc-4afe-9859-d9c2950d210f", "indicator--5847ca2b-8478-4aae-99dc-d9c2950d210f", "indicator--5847ca2b-460c-47e7-ac49-d9c2950d210f", "indicator--5847ca2b-6208-4db3-bdce-d9c2950d210f", "indicator--5847ca2c-29b8-4e2a-8e90-d9c2950d210f", "indicator--5847ca2c-7ebc-443d-828c-d9c2950d210f", "indicator--5847ca2c-776c-462c-a7c8-d9c2950d210f", "indicator--5847ca2c-f058-4aab-a9c0-d9c2950d210f", "indicator--5847ca2d-2ae0-48f4-9d40-d9c2950d210f", "indicator--5847ca2d-a7bc-4703-8920-d9c2950d210f", "indicator--5847ca2d-3e90-4c6d-97f5-d9c2950d210f", "indicator--5847ca2d-2e9c-419f-a60e-d9c2950d210f", "indicator--5847ca2e-3444-4943-9d5c-d9c2950d210f", "indicator--5847ca2e-ddfc-4068-bd5c-d9c2950d210f", "indicator--5847ca2e-cd5c-4891-b210-d9c2950d210f", "indicator--5847ca2e-e0f8-4a00-b800-d9c2950d210f", "indicator--5847ca2f-82e8-476d-86dd-d9c2950d210f", "indicator--5847ca2f-7304-49f9-ac0e-d9c2950d210f", "indicator--5847ca2f-c84c-4be8-a97b-d9c2950d210f", "indicator--5847ca2f-2c90-4560-aa62-d9c2950d210f", "indicator--5847ca30-7b14-41b6-8344-d9c2950d210f", "indicator--5847ca30-b600-45b3-a573-d9c2950d210f", "indicator--5847ca30-3224-4eab-9d1b-d9c2950d210f", "indicator--5847ca30-9f8c-4711-b656-d9c2950d210f", "indicator--5847ca31-f518-4176-8cb3-d9c2950d210f", "indicator--5847ca31-405c-4537-a30c-d9c2950d210f", "indicator--5847ca31-7b80-4ab1-8765-d9c2950d210f", "indicator--5847ca32-94f8-44f7-906b-d9c2950d210f", "indicator--5847ca32-2028-4663-b881-d9c2950d210f", "indicator--5847ca32-2100-4dfd-803c-d9c2950d210f", "indicator--5847ca32-f3f4-4fed-856c-d9c2950d210f", "indicator--5847ca33-0474-4897-9cea-d9c2950d210f", "indicator--5847ca33-5590-42f7-a6ff-d9c2950d210f", "indicator--5847ca33-fb98-4d25-9cb8-d9c2950d210f", "indicator--5847ca33-7430-4aa3-a2b1-d9c2950d210f", "indicator--5847ca34-88cc-4ac0-9269-d9c2950d210f", "indicator--5847ca34-c024-4a0d-8386-d9c2950d210f", "indicator--5847ca34-8330-4482-b4e9-d9c2950d210f", "indicator--5847ca34-7b70-4ea8-8e22-d9c2950d210f", "indicator--5847ca34-8d5c-4b2e-accd-d9c2950d210f", "indicator--5847ca35-2054-4c4f-84ab-d9c2950d210f", "indicator--5847ca35-bc90-4387-aace-d9c2950d210f", "indicator--5847ca35-4ac0-400a-888f-d9c2950d210f", "indicator--5847ca35-1d20-422c-9a83-d9c2950d210f", "indicator--5847ca35-b740-4b90-9859-d9c2950d210f", "indicator--5847ca36-465c-454c-a0e9-d9c2950d210f", "indicator--5847ca36-ae0c-46f8-a9e6-d9c2950d210f", "indicator--5847ca36-42e4-420d-ae93-d9c2950d210f", "indicator--5847ca36-b498-43c2-a48e-d9c2950d210f", "indicator--5847ca37-4d14-45a6-b006-d9c2950d210f", "indicator--5847ca37-1588-43d0-beee-d9c2950d210f", "indicator--5847ca37-3d74-4dc4-aa92-d9c2950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0d-67b0-460a-b82d-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:29.000Z", "modified": "2016-12-07T08:36:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.izmirtente.info/itccwdk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0e-287c-4998-b731-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:30.000Z", "modified": "2016-12-07T08:36:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.izmirtente.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0e-e5f0-4eec-9c48-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:30.000Z", "modified": "2016-12-07T08:36:30.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.42.39.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0e-693c-412d-afd6-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:30.000Z", "modified": "2016-12-07T08:36:30.000Z", "description": "download location", "pattern": "[url:value = 'http://cementossj.cl/qrgmkmi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0e-da34-4187-a393-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:30.000Z", "modified": "2016-12-07T08:36:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'cementossj.cl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0f-5ca0-4429-9abf-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:31.000Z", "modified": "2016-12-07T08:36:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '131.108.209.103']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0f-7d50-414a-a6fe-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:31.000Z", "modified": "2016-12-07T08:36:31.000Z", "description": "download location", "pattern": "[url:value = 'http://pregnancysquare.com/wk97j']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0f-afa4-4c08-98c5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:31.000Z", "modified": "2016-12-07T08:36:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'pregnancysquare.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0f-8ab4-4f14-b869-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:31.000Z", "modified": "2016-12-07T08:36:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.254.41.206']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca0f-5298-4701-930c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:31.000Z", "modified": "2016-12-07T08:36:31.000Z", "description": "download location", "pattern": "[url:value = 'http://www.tacfitacademy.com/i46phb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca10-5044-4255-acb0-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:32.000Z", "modified": "2016-12-07T08:36:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.tacfitacademy.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca10-107c-4036-a3e1-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:32.000Z", "modified": "2016-12-07T08:36:32.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.92.105.3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca10-3c7c-4c13-877a-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:32.000Z", "modified": "2016-12-07T08:36:32.000Z", "description": "download location", "pattern": "[url:value = 'http://nekkel.pl/0apru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca10-55ec-4fd9-9420-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:32.000Z", "modified": "2016-12-07T08:36:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'nekkel.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca11-a758-48fd-8788-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:33.000Z", "modified": "2016-12-07T08:36:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.98.239.19']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca11-a38c-41e2-918b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:33.000Z", "modified": "2016-12-07T08:36:33.000Z", "description": "download location", "pattern": "[url:value = 'http://specimengear.dk/2armwx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca11-b650-4e8a-969f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:33.000Z", "modified": "2016-12-07T08:36:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'specimengear.dk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca11-a568-4e21-92a8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:33.000Z", "modified": "2016-12-07T08:36:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.231.103.128']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca11-a0ec-4550-82ce-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:33.000Z", "modified": "2016-12-07T08:36:33.000Z", "description": "download location", "pattern": "[url:value = 'http://www.tvblanket.com/baxullbrx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca12-1b9c-470d-9c3d-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:34.000Z", "modified": "2016-12-07T08:36:34.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.tvblanket.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca12-e474-4ab3-9151-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:34.000Z", "modified": "2016-12-07T08:36:34.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca12-73c4-4f55-ab89-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:34.000Z", "modified": "2016-12-07T08:36:34.000Z", "description": "download location", "pattern": "[url:value = 'http://trehoada.org/rakk97']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca12-7bd4-4ee9-a32a-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:34.000Z", "modified": "2016-12-07T08:36:34.000Z", "description": "download location", "pattern": "[domain-name:value = 'trehoada.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca13-3f10-49c4-872e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:35.000Z", "modified": "2016-12-07T08:36:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '123.30.187.207']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca13-4de0-41ec-9919-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:35.000Z", "modified": "2016-12-07T08:36:35.000Z", "description": "download location", "pattern": "[url:value = 'http://nechtyela.sk/k7ras']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca13-479c-4f96-a6b8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:35.000Z", "modified": "2016-12-07T08:36:35.000Z", "description": "download location", "pattern": "[domain-name:value = 'nechtyela.sk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca13-fe0c-4e96-b662-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:35.000Z", "modified": "2016-12-07T08:36:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.94.52.79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca14-bb48-48e2-8485-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:36.000Z", "modified": "2016-12-07T08:36:36.000Z", "description": "download location", "pattern": "[url:value = 'http://brei.com.br/kyi5l']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca14-0c64-4f7c-901d-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:36.000Z", "modified": "2016-12-07T08:36:36.000Z", "description": "download location", "pattern": "[domain-name:value = 'brei.com.br']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca14-36c0-46b2-bc2b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:36.000Z", "modified": "2016-12-07T08:36:36.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.202.153.53']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca14-d45c-447a-a914-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:36.000Z", "modified": "2016-12-07T08:36:36.000Z", "description": "download location", "pattern": "[url:value = 'http://galeriamultiarte.com.br/osn2bj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca15-89b8-4113-980c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:37.000Z", "modified": "2016-12-07T08:36:37.000Z", "description": "download location", "pattern": "[domain-name:value = 'galeriamultiarte.com.br']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca15-2408-4768-8263-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:37.000Z", "modified": "2016-12-07T08:36:37.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.201.213.115']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca15-f51c-4e22-b7e7-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:37.000Z", "modified": "2016-12-07T08:36:37.000Z", "description": "download location", "pattern": "[url:value = 'http://radom.nl/zdknyeq0du']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca15-dfa4-46de-9747-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:37.000Z", "modified": "2016-12-07T08:36:37.000Z", "description": "download location", "pattern": "[domain-name:value = 'radom.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca16-80b4-47fe-afe1-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:38.000Z", "modified": "2016-12-07T08:36:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.253.0.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca16-183c-477c-baf4-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:38.000Z", "modified": "2016-12-07T08:36:38.000Z", "description": "download location", "pattern": "[url:value = 'http://restauranteelveintiseis.com/antpme']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca16-3404-4e52-8954-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:38.000Z", "modified": "2016-12-07T08:36:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'restauranteelveintiseis.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca16-9464-4b0d-949a-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:38.000Z", "modified": "2016-12-07T08:36:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.215.22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca17-55f4-40df-9b73-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:39.000Z", "modified": "2016-12-07T08:36:39.000Z", "description": "download location", "pattern": "[url:value = 'http://www.globalem.asia/gsup38l5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca17-3780-47bc-8e9f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:39.000Z", "modified": "2016-12-07T08:36:39.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.globalem.asia']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca17-1418-40d0-99e9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:39.000Z", "modified": "2016-12-07T08:36:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.23.76.112']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca17-9784-405a-82b9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:39.000Z", "modified": "2016-12-07T08:36:39.000Z", "description": "download location", "pattern": "[url:value = 'http://hotpeppertrading.com/iuuhioli']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca18-0ff8-401c-9719-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:40.000Z", "modified": "2016-12-07T08:36:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'hotpeppertrading.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca18-e058-4257-a072-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:40.000Z", "modified": "2016-12-07T08:36:40.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.217.112.201']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca18-8d08-4068-a2fd-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:40.000Z", "modified": "2016-12-07T08:36:40.000Z", "description": "download location", "pattern": "[url:value = 'http://nyxiaoyuan.com/uig0dyc7m']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca18-03bc-44bb-836c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:40.000Z", "modified": "2016-12-07T08:36:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'nyxiaoyuan.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca19-6f9c-4a75-aa3a-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:41.000Z", "modified": "2016-12-07T08:36:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.114.90.173']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca19-3bcc-4a53-95a3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:41.000Z", "modified": "2016-12-07T08:36:41.000Z", "description": "download location", "pattern": "[url:value = 'http://fonteaulente.com/q5vpvcz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca19-2374-4c3d-8526-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:41.000Z", "modified": "2016-12-07T08:36:41.000Z", "description": "download location", "pattern": "[domain-name:value = 'fonteaulente.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca19-64b8-42f0-896d-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:41.000Z", "modified": "2016-12-07T08:36:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.231.103.55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1a-16d8-4472-9bf8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:42.000Z", "modified": "2016-12-07T08:36:42.000Z", "description": "download location", "pattern": "[url:value = 'http://hotelmira.ru/on2gh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1a-992c-4776-b788-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:42.000Z", "modified": "2016-12-07T08:36:42.000Z", "description": "download location", "pattern": "[domain-name:value = 'hotelmira.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1a-c410-4616-be83-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:42.000Z", "modified": "2016-12-07T08:36:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.135.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1a-10d4-4470-9424-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:42.000Z", "modified": "2016-12-07T08:36:42.000Z", "description": "download location", "pattern": "[url:value = 'http://one1club.com/8iqrtn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1a-feb0-4989-b347-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:42.000Z", "modified": "2016-12-07T08:36:42.000Z", "description": "download location", "pattern": "[domain-name:value = 'one1club.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1b-0d80-45f8-9523-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:43.000Z", "modified": "2016-12-07T08:36:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.21.236']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1b-a69c-4a4d-afce-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:43.000Z", "modified": "2016-12-07T08:36:43.000Z", "description": "download location", "pattern": "[url:value = 'http://www.clap4ya.com/1eodzfvkg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1b-eae0-41d0-ba8b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:43.000Z", "modified": "2016-12-07T08:36:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.clap4ya.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1b-0a3c-4676-949b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:43.000Z", "modified": "2016-12-07T08:36:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.233.50.248']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1c-e36c-4274-b326-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:44.000Z", "modified": "2016-12-07T08:36:44.000Z", "description": "download location", "pattern": "[url:value = 'http://4djsbydjs.com/ffi5tpbui']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1c-5f14-4ab6-9780-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:44.000Z", "modified": "2016-12-07T08:36:44.000Z", "description": "download location", "pattern": "[domain-name:value = '4djsbydjs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1c-325c-4f3f-b2b9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:44.000Z", "modified": "2016-12-07T08:36:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.114.119.192']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1c-a68c-4a62-b572-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:44.000Z", "modified": "2016-12-07T08:36:44.000Z", "description": "download location", "pattern": "[url:value = 'http://gocatering.se/ctrshwvx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1d-b9e8-45b7-bec8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:45.000Z", "modified": "2016-12-07T08:36:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'gocatering.se']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1d-9b54-414f-916e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:45.000Z", "modified": "2016-12-07T08:36:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.213.182']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1d-e710-434a-aa66-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:45.000Z", "modified": "2016-12-07T08:36:45.000Z", "description": "download location", "pattern": "[url:value = 'http://www.secretblog.de/j3m3iyomrh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1d-a8c4-4fb0-a1ba-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:45.000Z", "modified": "2016-12-07T08:36:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.secretblog.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1d-3f2c-4357-a651-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:45.000Z", "modified": "2016-12-07T08:36:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.214.253.127']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1e-a20c-43c1-b0d3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:46.000Z", "modified": "2016-12-07T08:36:46.000Z", "description": "download location", "pattern": "[url:value = 'http://cr-inos.com/lzwiz3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1e-97bc-4925-86f3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:46.000Z", "modified": "2016-12-07T08:36:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'cr-inos.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1e-3de8-4532-b29c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:46.000Z", "modified": "2016-12-07T08:36:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.0.230.91']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1e-d204-4bbc-bb70-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:46.000Z", "modified": "2016-12-07T08:36:46.000Z", "description": "download location", "pattern": "[url:value = 'http://rampas.ch/xc2clj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1f-58ac-476f-ae56-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:47.000Z", "modified": "2016-12-07T08:36:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'rampas.ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1f-cf70-48f8-89c7-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:47.000Z", "modified": "2016-12-07T08:36:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.40.5.42']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1f-f688-4d42-bd5f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:47.000Z", "modified": "2016-12-07T08:36:47.000Z", "description": "download location", "pattern": "[url:value = 'http://uriauerbach.com/l87aw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca1f-57dc-4f84-a787-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:47.000Z", "modified": "2016-12-07T08:36:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'uriauerbach.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca20-4480-4797-ac9f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:48.000Z", "modified": "2016-12-07T08:36:48.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.148.168.167']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca20-d394-43c1-a0f5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:48.000Z", "modified": "2016-12-07T08:36:48.000Z", "description": "download location", "pattern": "[url:value = 'http://realearthproperties.in/surhnrm6xv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca20-2380-43f5-9aa4-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:48.000Z", "modified": "2016-12-07T08:36:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'realearthproperties.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca20-36e4-430d-894e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:48.000Z", "modified": "2016-12-07T08:36:48.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.96.217.91']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca20-dd1c-455d-ab66-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:48.000Z", "modified": "2016-12-07T08:36:48.000Z", "description": "download location", "pattern": "[url:value = 'http://xn--80adixsmm7f.net/9c8cqg55x']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca21-7a54-4a02-a4a3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:49.000Z", "modified": "2016-12-07T08:36:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'xn--80adixsmm7f.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca21-b2f4-4863-8ed2-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:49.000Z", "modified": "2016-12-07T08:36:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.28.172.177']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca21-5578-4135-bc1e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:49.000Z", "modified": "2016-12-07T08:36:49.000Z", "description": "download location", "pattern": "[url:value = 'http://nsecoaching.ca/cd62kg4btm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca21-80e4-454d-ba04-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:49.000Z", "modified": "2016-12-07T08:36:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'nsecoaching.ca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca22-3774-4c8f-aaa9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:50.000Z", "modified": "2016-12-07T08:36:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.124.249.59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca22-8090-4ad1-9716-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:50.000Z", "modified": "2016-12-07T08:36:50.000Z", "description": "download location", "pattern": "[url:value = 'http://childrenshouse.co.za/1v0lblf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca22-f880-475b-a038-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:50.000Z", "modified": "2016-12-07T08:36:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'childrenshouse.co.za']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca22-c310-4065-84cd-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:50.000Z", "modified": "2016-12-07T08:36:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.193.5.59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca22-66d0-42ef-82e6-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:50.000Z", "modified": "2016-12-07T08:36:50.000Z", "description": "download location", "pattern": "[url:value = 'http://www.gostaythere.com/7oemd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca23-fe54-402d-b1a6-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:51.000Z", "modified": "2016-12-07T08:36:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.gostaythere.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca23-d49c-4b84-b06f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:51.000Z", "modified": "2016-12-07T08:36:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.255.35.216']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca23-b794-4e9a-9f0e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:51.000Z", "modified": "2016-12-07T08:36:51.000Z", "description": "download location", "pattern": "[url:value = 'http://gaozhao-edu.com/jdspeeimvz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca23-ffac-4108-83eb-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:51.000Z", "modified": "2016-12-07T08:36:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'gaozhao-edu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca24-cea8-4058-8bd5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:52.000Z", "modified": "2016-12-07T08:36:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.252.107.142']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca24-30cc-4e66-9840-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:52.000Z", "modified": "2016-12-07T08:36:52.000Z", "description": "download location", "pattern": "[url:value = 'http://artsonimage.com/b7d2pn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca24-e404-4d0b-82c7-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:52.000Z", "modified": "2016-12-07T08:36:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'artsonimage.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca24-6168-4ff4-84e5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:52.000Z", "modified": "2016-12-07T08:36:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.107.101.211']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca25-3a58-44c2-8602-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:53.000Z", "modified": "2016-12-07T08:36:53.000Z", "description": "download location", "pattern": "[url:value = 'http://elizabethwright.co.uk/ode8hifc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca25-4160-41ae-8a84-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:53.000Z", "modified": "2016-12-07T08:36:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'elizabethwright.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca25-7a5c-4a2c-82d5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:53.000Z", "modified": "2016-12-07T08:36:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.23.152.24']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca25-e018-4f3d-a991-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:53.000Z", "modified": "2016-12-07T08:36:53.000Z", "description": "download location", "pattern": "[url:value = 'http://www.veinteproducciones.com.ar/mcren']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca25-0c20-4870-a6e0-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:53.000Z", "modified": "2016-12-07T08:36:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.veinteproducciones.com.ar']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca26-b0ac-488d-8b80-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:54.000Z", "modified": "2016-12-07T08:36:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.28.199.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca26-3bf8-48f9-884e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:54.000Z", "modified": "2016-12-07T08:36:54.000Z", "description": "download location", "pattern": "[url:value = 'http://www.dahuahdcvi.com/4yjo2ewbam']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca26-e208-4f90-9654-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:54.000Z", "modified": "2016-12-07T08:36:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.dahuahdcvi.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca26-f4e8-4ece-9d71-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:54.000Z", "modified": "2016-12-07T08:36:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.146.127.213']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca27-1148-497c-baee-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:55.000Z", "modified": "2016-12-07T08:36:55.000Z", "description": "download location", "pattern": "[url:value = 'http://rosispitaniya.com/x07nn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca27-e880-4ded-8c74-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:55.000Z", "modified": "2016-12-07T08:36:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'rosispitaniya.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca27-c790-404d-94aa-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:55.000Z", "modified": "2016-12-07T08:36:55.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.95.102.221']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca27-9424-4c71-bd9e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:55.000Z", "modified": "2016-12-07T08:36:55.000Z", "description": "download location", "pattern": "[url:value = 'http://www.seecomedia.com/qem1cmp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca27-eacc-416c-9c57-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:55.000Z", "modified": "2016-12-07T08:36:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.seecomedia.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca28-1004-43a3-882c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:56.000Z", "modified": "2016-12-07T08:36:56.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '114.112.91.91']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca28-4540-4a1e-b290-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:56.000Z", "modified": "2016-12-07T08:36:56.000Z", "description": "download location", "pattern": "[url:value = 'http://rabussa.wz.cz/x08gte']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca28-6404-4324-b3f3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:56.000Z", "modified": "2016-12-07T08:36:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'rabussa.wz.cz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca29-da4c-4f1f-b657-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:57.000Z", "modified": "2016-12-07T08:36:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.64.219.7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca29-368c-4c03-98f3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:57.000Z", "modified": "2016-12-07T08:36:57.000Z", "description": "download location", "pattern": "[url:value = 'http://koresh.co.il/9uoctzb2vo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca29-2a6c-4d9a-813f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:57.000Z", "modified": "2016-12-07T08:36:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'koresh.co.il']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca29-5e58-4a46-9aea-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:57.000Z", "modified": "2016-12-07T08:36:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.218.71.217']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2a-19d0-45a5-aff4-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:58.000Z", "modified": "2016-12-07T08:36:58.000Z", "description": "download location", "pattern": "[url:value = 'http://thedivafiles.com/29gce0ube']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2a-7540-47f6-a652-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:58.000Z", "modified": "2016-12-07T08:36:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'thedivafiles.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2a-8118-4453-84a2-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:58.000Z", "modified": "2016-12-07T08:36:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.251.29.233']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2a-2638-4cb2-a95a-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:58.000Z", "modified": "2016-12-07T08:36:58.000Z", "description": "download location", "pattern": "[url:value = 'http://benefeet.org/a4ztilxpex']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2b-8360-4865-9f52-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:59.000Z", "modified": "2016-12-07T08:36:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'benefeet.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2b-55fc-4afe-9859-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:59.000Z", "modified": "2016-12-07T08:36:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.74.128.210']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2b-8478-4aae-99dc-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:59.000Z", "modified": "2016-12-07T08:36:59.000Z", "description": "download location", "pattern": "[url:value = 'http://rhyzrin.com/ysacclh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2b-460c-47e7-ac49-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:59.000Z", "modified": "2016-12-07T08:36:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'rhyzrin.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2b-6208-4db3-bdce-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:36:59.000Z", "modified": "2016-12-07T08:36:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.196.118']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:36:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2c-29b8-4e2a-8e90-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:00.000Z", "modified": "2016-12-07T08:37:00.000Z", "description": "download location", "pattern": "[url:value = 'http://sieuthicuadep.com/jwqwt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2c-7ebc-443d-828c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:00.000Z", "modified": "2016-12-07T08:37:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'sieuthicuadep.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2c-776c-462c-a7c8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:00.000Z", "modified": "2016-12-07T08:37:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.28.36.203']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2c-f058-4aab-a9c0-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:00.000Z", "modified": "2016-12-07T08:37:00.000Z", "description": "download location", "pattern": "[url:value = 'http://mirageaudiovisual.com/jflp9dkxsg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2d-2ae0-48f4-9d40-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:01.000Z", "modified": "2016-12-07T08:37:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'mirageaudiovisual.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2d-a7bc-4703-8920-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:01.000Z", "modified": "2016-12-07T08:37:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.83.210.26']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2d-3e90-4c6d-97f5-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:01.000Z", "modified": "2016-12-07T08:37:01.000Z", "description": "download location", "pattern": "[url:value = 'http://col-lab.com/m1p73uqdeb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2d-2e9c-419f-a60e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:01.000Z", "modified": "2016-12-07T08:37:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'col-lab.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2e-3444-4943-9d5c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:02.000Z", "modified": "2016-12-07T08:37:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '101.79.129.23']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2e-ddfc-4068-bd5c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:02.000Z", "modified": "2016-12-07T08:37:02.000Z", "description": "download location", "pattern": "[url:value = 'http://naama-yeshayahu.com/twibpn8don']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2e-cd5c-4891-b210-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:02.000Z", "modified": "2016-12-07T08:37:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'naama-yeshayahu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2e-e0f8-4a00-b800-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:02.000Z", "modified": "2016-12-07T08:37:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.218.71.219']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2f-82e8-476d-86dd-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:03.000Z", "modified": "2016-12-07T08:37:03.000Z", "description": "download location", "pattern": "[url:value = 'http://be-liveinu.com/gcc4vi0jyb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2f-7304-49f9-ac0e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:03.000Z", "modified": "2016-12-07T08:37:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'be-liveinu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2f-c84c-4be8-a97b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:03.000Z", "modified": "2016-12-07T08:37:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.246.135']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca2f-2c90-4560-aa62-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:03.000Z", "modified": "2016-12-07T08:37:03.000Z", "description": "download location", "pattern": "[url:value = 'http://redecamponesa.com.br/bovofik']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca30-7b14-41b6-8344-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:04.000Z", "modified": "2016-12-07T08:37:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'redecamponesa.com.br']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca30-b600-45b3-a573-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:04.000Z", "modified": "2016-12-07T08:37:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.202.153.161']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca30-3224-4eab-9d1b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:04.000Z", "modified": "2016-12-07T08:37:04.000Z", "description": "download location", "pattern": "[url:value = 'http://www.smartkutu.com/eijjjici62']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca30-9f8c-4711-b656-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:04.000Z", "modified": "2016-12-07T08:37:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.smartkutu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca31-f518-4176-8cb3-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:05.000Z", "modified": "2016-12-07T08:37:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.73.144.151']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca31-405c-4537-a30c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:05.000Z", "modified": "2016-12-07T08:37:05.000Z", "description": "download location", "pattern": "[url:value = 'http://jachin.co.kr/n48wu8a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca31-7b80-4ab1-8765-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:05.000Z", "modified": "2016-12-07T08:37:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'jachin.co.kr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca32-94f8-44f7-906b-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:06.000Z", "modified": "2016-12-07T08:37:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.40.221.67']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca32-2028-4663-b881-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:06.000Z", "modified": "2016-12-07T08:37:06.000Z", "description": "download location", "pattern": "[url:value = 'http://quentinconstruction.com/jcmprfrr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca32-2100-4dfd-803c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:06.000Z", "modified": "2016-12-07T08:37:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'quentinconstruction.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca32-f3f4-4fed-856c-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:06.000Z", "modified": "2016-12-07T08:37:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.9.9.93']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca33-0474-4897-9cea-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:07.000Z", "modified": "2016-12-07T08:37:07.000Z", "description": "download location", "pattern": "[url:value = 'http://welte.pl/czdpf6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca33-5590-42f7-a6ff-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:07.000Z", "modified": "2016-12-07T08:37:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'welte.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca33-fb98-4d25-9cb8-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:07.000Z", "modified": "2016-12-07T08:37:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.96.68.245']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca33-7430-4aa3-a2b1-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:07.000Z", "modified": "2016-12-07T08:37:07.000Z", "description": "download location", "pattern": "[url:value = 'http://roome.co.il/uc3bhhxwoa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca34-88cc-4ac0-9269-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:07.000Z", "modified": "2016-12-07T08:37:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'roome.co.il']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca34-c024-4a0d-8386-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:08.000Z", "modified": "2016-12-07T08:37:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.124.249.165']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca34-8330-4482-b4e9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:08.000Z", "modified": "2016-12-07T08:37:08.000Z", "description": "download location", "pattern": "[url:value = 'http://bjarnum.eu/pjj42gl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca34-7b70-4ea8-8e22-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:08.000Z", "modified": "2016-12-07T08:37:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'bjarnum.eu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca34-8d5c-4b2e-accd-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:08.000Z", "modified": "2016-12-07T08:37:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.9.95.75']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca35-2054-4c4f-84ab-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:09.000Z", "modified": "2016-12-07T08:37:09.000Z", "description": "download location", "pattern": "[url:value = 'http://www.cvshopfactory.com/da9p4ja']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca35-bc90-4387-aace-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:09.000Z", "modified": "2016-12-07T08:37:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.cvshopfactory.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca35-4ac0-400a-888f-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:09.000Z", "modified": "2016-12-07T08:37:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.241.208.104']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca35-1d20-422c-9a83-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:09.000Z", "modified": "2016-12-07T08:37:09.000Z", "description": "download location", "pattern": "[url:value = 'http://renklerle.com/vycrub']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca35-b740-4b90-9859-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:09.000Z", "modified": "2016-12-07T08:37:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'renklerle.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca36-465c-454c-a0e9-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:10.000Z", "modified": "2016-12-07T08:37:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.95.84.115']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca36-ae0c-46f8-a9e6-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:10.000Z", "modified": "2016-12-07T08:37:10.000Z", "description": "download location", "pattern": "[url:value = 'http://chocogaterie.eu/lijxve8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca36-42e4-420d-ae93-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:10.000Z", "modified": "2016-12-07T08:37:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'chocogaterie.eu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca36-b498-43c2-a48e-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:10.000Z", "modified": "2016-12-07T08:37:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.121.50.140']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca37-4d14-45a6-b006-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:11.000Z", "modified": "2016-12-07T08:37:11.000Z", "description": "download location", "pattern": "[url:value = 'http://diariolatitud35.com.ar/edkij4anq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca37-1588-43d0-beee-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:11.000Z", "modified": "2016-12-07T08:37:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'diariolatitud35.com.ar']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5847ca37-3d74-4dc4-aa92-d9c2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-07T08:37:11.000Z", "modified": "2016-12-07T08:37:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.230.155.240']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-07T08:37:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }