{ "type": "bundle", "id": "bundle--57113e3b-2424-44de-9686-4bc8950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:05.000Z", "modified": "2016-04-15T19:19:05.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57113e3b-2424-44de-9686-4bc8950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:05.000Z", "modified": "2016-04-15T19:19:05.000Z", "name": "Expansion on 596552@qq.com", "published": "2016-04-15T19:20:51Z", "object_refs": [ "x-misp-attribute--57113e73-5e1c-423c-b7f1-4ea2950d210f", "indicator--57113ea9-9f28-473b-8be7-5156950d210f", "indicator--57113eaa-8c04-42ba-8e34-5156950d210f", "indicator--57113eaa-5748-421f-8cea-5156950d210f", "indicator--57113eaa-f258-4aff-9660-5156950d210f", "indicator--57113eab-673c-4833-81a9-5156950d210f", "indicator--57113eab-66c4-450f-a579-5156950d210f", "indicator--57113eac-b178-475d-9ae9-5156950d210f", "indicator--57113eac-848c-4212-b534-5156950d210f", "indicator--57113eac-826c-4443-89ef-5156950d210f", "indicator--57113ead-b898-49ca-a73b-5156950d210f", "indicator--57113ead-921c-49da-9301-5156950d210f", "indicator--57113ead-bdfc-4889-b11a-5156950d210f", "indicator--57113eae-52a4-4a4f-bca7-5156950d210f", "indicator--57113eae-cf20-413a-b526-5156950d210f", "indicator--57113eae-cee4-40b3-855c-5156950d210f", "indicator--57113eaf-196c-47cb-bc65-5156950d210f", "indicator--57113eaf-8d40-4bf8-8d3a-5156950d210f", "indicator--57113eaf-ec78-4bfe-9a39-5156950d210f", "indicator--57113eb0-958c-46a7-8faf-5156950d210f", "indicator--57113eb0-a14c-4865-82e6-5156950d210f", "indicator--57113eb0-3504-4254-b5c2-5156950d210f", "indicator--57113eb1-e794-420f-8a9d-5156950d210f", "indicator--57113eb1-f2ec-4cb6-b13b-5156950d210f", "indicator--57113eb1-9bb4-4107-b78b-5156950d210f", "indicator--57113eb2-c2d8-4124-b112-5156950d210f", "indicator--57113eb2-7cb8-45b8-b0bf-5156950d210f", "indicator--57113eb2-b3d8-49c2-99da-5156950d210f", "indicator--57113eb3-f3e8-4bdc-835d-5156950d210f", "indicator--57113eb3-bfc0-41d4-ab73-5156950d210f", "indicator--57113eb3-c58c-46ab-987f-5156950d210f", "indicator--57113eb4-6034-4deb-848e-5156950d210f", "indicator--57113eb4-aca4-4f41-b4c8-5156950d210f", "indicator--57113eb4-0488-4fd0-920f-5156950d210f", "indicator--57113eb5-e6a8-4ae6-86ee-5156950d210f", "indicator--57113eb5-c51c-46d7-9320-5156950d210f", "indicator--57113eb5-52bc-4360-a1db-5156950d210f", "indicator--57113eb6-e184-4fb0-9711-5156950d210f", "indicator--57113eb6-a618-447c-abf2-5156950d210f", "indicator--57113eb6-ce64-4ad1-8ab5-5156950d210f", "indicator--57113eb7-13c4-4761-a0e3-5156950d210f", "indicator--57113eb7-2a30-4fe8-8c0c-5156950d210f", "indicator--57113eb7-4374-474f-9c99-5156950d210f", "indicator--57113eb8-0640-4b09-8be2-5156950d210f", "indicator--57113eb8-149c-44a1-98b4-5156950d210f", "indicator--57113eb8-3b48-4eb7-9dee-5156950d210f", "indicator--57113eb9-0440-43d3-935f-5156950d210f", "indicator--57113eb9-a2f8-4505-b38d-5156950d210f", "indicator--57113eb9-24fc-4945-8637-5156950d210f", "indicator--57113eba-9160-4ad2-bc92-5156950d210f", "indicator--57113eba-e0f4-47fd-b4af-5156950d210f", "indicator--57113eba-59d0-410d-b81c-5156950d210f", "indicator--57113ebb-ac34-47c3-905a-5156950d210f", "indicator--57113ebb-8080-47cb-9c53-5156950d210f", "indicator--57113ebb-2cc8-450a-bee6-5156950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "expansion:whois-registrant-email", "admiralty-scale:information-credibility=\"3\"" ], "object_marking_refs": [ "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da" ] }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--57113e73-5e1c-423c-b7f1-4ea2950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:18:11.000Z", "modified": "2016-04-15T19:18:11.000Z", "labels": [ "misp:type=\"whois-registrant-email\"", "misp:category=\"Attribution\"", "misp:to_ids=\"True\"" ], "x_misp_category": "Attribution", "x_misp_type": "whois-registrant-email", "x_misp_value": "596552@qq.com" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ea9-9f28-473b-8be7-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:05.000Z", "modified": "2016-04-15T19:19:05.000Z", "pattern": "[domain-name:value = 'acld1e.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaa-8c04-42ba-8e34-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:06.000Z", "modified": "2016-04-15T19:19:06.000Z", "pattern": "[domain-name:value = 'ahthja.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaa-5748-421f-8cea-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:06.000Z", "modified": "2016-04-15T19:19:06.000Z", "pattern": "[domain-name:value = 'bple1b.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaa-f258-4aff-9660-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:06.000Z", "modified": "2016-04-15T19:19:06.000Z", "pattern": "[domain-name:value = 'bvff.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eab-673c-4833-81a9-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:07.000Z", "modified": "2016-04-15T19:19:07.000Z", "pattern": "[domain-name:value = 'car741.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eab-66c4-450f-a579-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:07.000Z", "modified": "2016-04-15T19:19:07.000Z", "pattern": "[domain-name:value = 'car963.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eac-b178-475d-9ae9-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:08.000Z", "modified": "2016-04-15T19:19:08.000Z", "pattern": "[domain-name:value = 'celd1.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eac-848c-4212-b534-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:08.000Z", "modified": "2016-04-15T19:19:08.000Z", "pattern": "[domain-name:value = 'cmjb.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eac-826c-4443-89ef-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:08.000Z", "modified": "2016-04-15T19:19:08.000Z", "pattern": "[domain-name:value = 'cnabc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ead-b898-49ca-a73b-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:09.000Z", "modified": "2016-04-15T19:19:09.000Z", "pattern": "[domain-name:value = 'cnbbc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ead-921c-49da-9301-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:09.000Z", "modified": "2016-04-15T19:19:09.000Z", "pattern": "[domain-name:value = 'cnccc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ead-bdfc-4889-b11a-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:09.000Z", "modified": "2016-04-15T19:19:09.000Z", "pattern": "[domain-name:value = 'cnebc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eae-52a4-4a4f-bca7-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:10.000Z", "modified": "2016-04-15T19:19:10.000Z", "pattern": "[domain-name:value = 'cnibc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eae-cf20-413a-b526-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:10.000Z", "modified": "2016-04-15T19:19:10.000Z", "pattern": "[domain-name:value = 'dacv.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eae-cee4-40b3-855c-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:10.000Z", "modified": "2016-04-15T19:19:10.000Z", "pattern": "[domain-name:value = 'ddct.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaf-196c-47cb-bc65-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:11.000Z", "modified": "2016-04-15T19:19:11.000Z", "pattern": "[domain-name:value = 'deld1a.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaf-8d40-4bf8-8d3a-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:11.000Z", "modified": "2016-04-15T19:19:11.000Z", "pattern": "[domain-name:value = 'dile1.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eaf-ec78-4bfe-9a39-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:11.000Z", "modified": "2016-04-15T19:19:11.000Z", "pattern": "[domain-name:value = 'eelcd5.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb0-958c-46a7-8faf-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:12.000Z", "modified": "2016-04-15T19:19:12.000Z", "pattern": "[domain-name:value = 'efvc.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb0-a14c-4865-82e6-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:12.000Z", "modified": "2016-04-15T19:19:12.000Z", "pattern": "[domain-name:value = 'gaehh.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb0-3504-4254-b5c2-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:12.000Z", "modified": "2016-04-15T19:19:12.000Z", "pattern": "[domain-name:value = 'gehae.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb1-e794-420f-8a9d-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:13.000Z", "modified": "2016-04-15T19:19:13.000Z", "pattern": "[domain-name:value = 'ggsg.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb1-f2ec-4cb6-b13b-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:13.000Z", "modified": "2016-04-15T19:19:13.000Z", "pattern": "[domain-name:value = 'gtpq.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb1-9bb4-4107-b78b-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:13.000Z", "modified": "2016-04-15T19:19:13.000Z", "pattern": "[domain-name:value = 'gyez.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb2-c2d8-4124-b112-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:14.000Z", "modified": "2016-04-15T19:19:14.000Z", "pattern": "[domain-name:value = 'haerh.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb2-7cb8-45b8-b0bf-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:14.000Z", "modified": "2016-04-15T19:19:14.000Z", "pattern": "[domain-name:value = 'herha.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb2-b3d8-49c2-99da-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:14.000Z", "modified": "2016-04-15T19:19:14.000Z", "pattern": "[domain-name:value = 'hgvl.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb3-f3e8-4bdc-835d-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:15.000Z", "modified": "2016-04-15T19:19:15.000Z", "pattern": "[domain-name:value = 'hmsy.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb3-bfc0-41d4-ab73-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:15.000Z", "modified": "2016-04-15T19:19:15.000Z", "pattern": "[domain-name:value = 'htsrh.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb3-c58c-46ab-987f-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:15.000Z", "modified": "2016-04-15T19:19:15.000Z", "pattern": "[domain-name:value = 'iyso.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb4-6034-4deb-848e-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:16.000Z", "modified": "2016-04-15T19:19:16.000Z", "pattern": "[domain-name:value = 'lwmh.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb4-aca4-4f41-b4c8-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:16.000Z", "modified": "2016-04-15T19:19:16.000Z", "pattern": "[domain-name:value = 'meitanjiaoyiwang.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb4-0488-4fd0-920f-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:16.000Z", "modified": "2016-04-15T19:19:16.000Z", "pattern": "[domain-name:value = 'myrj.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb5-e6a8-4ae6-86ee-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:17.000Z", "modified": "2016-04-15T19:19:17.000Z", "pattern": "[domain-name:value = 'mysoso.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb5-c51c-46d7-9320-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:17.000Z", "modified": "2016-04-15T19:19:17.000Z", "pattern": "[domain-name:value = 'newsoso.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb5-52bc-4360-a1db-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:17.000Z", "modified": "2016-04-15T19:19:17.000Z", "pattern": "[domain-name:value = 'nvzm.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb6-e184-4fb0-9711-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:18.000Z", "modified": "2016-04-15T19:19:18.000Z", "pattern": "[domain-name:value = 'odgd.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb6-a618-447c-abf2-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:18.000Z", "modified": "2016-04-15T19:19:18.000Z", "pattern": "[domain-name:value = 'oidd.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb6-ce64-4ad1-8ab5-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:18.000Z", "modified": "2016-04-15T19:19:18.000Z", "pattern": "[domain-name:value = 'pliy.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb7-13c4-4761-a0e3-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:19.000Z", "modified": "2016-04-15T19:19:19.000Z", "pattern": "[domain-name:value = 'pornisvideo.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb7-2a30-4fe8-8c0c-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:19.000Z", "modified": "2016-04-15T19:19:19.000Z", "pattern": "[domain-name:value = 'povg.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb7-4374-474f-9c99-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:19.000Z", "modified": "2016-04-15T19:19:19.000Z", "pattern": "[domain-name:value = 'qdko.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb8-0640-4b09-8be2-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:20.000Z", "modified": "2016-04-15T19:19:20.000Z", "pattern": "[domain-name:value = 'qwhg.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb8-149c-44a1-98b4-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:20.000Z", "modified": "2016-04-15T19:19:20.000Z", "pattern": "[domain-name:value = 'rgbd.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb8-3b48-4eb7-9dee-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:20.000Z", "modified": "2016-04-15T19:19:20.000Z", "pattern": "[domain-name:value = 'sctq.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb9-0440-43d3-935f-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:21.000Z", "modified": "2016-04-15T19:19:21.000Z", "pattern": "[domain-name:value = 'shopay.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb9-a2f8-4505-b38d-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:21.000Z", "modified": "2016-04-15T19:19:21.000Z", "pattern": "[domain-name:value = 'shoppingoflove.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eb9-24fc-4945-8637-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:21.000Z", "modified": "2016-04-15T19:19:21.000Z", "pattern": "[domain-name:value = 'ssxb.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eba-9160-4ad2-bc92-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:22.000Z", "modified": "2016-04-15T19:19:22.000Z", "pattern": "[domain-name:value = 'uoxz.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eba-e0f4-47fd-b4af-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:22.000Z", "modified": "2016-04-15T19:19:22.000Z", "pattern": "[domain-name:value = 'xerd.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113eba-59d0-410d-b81c-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:22.000Z", "modified": "2016-04-15T19:19:22.000Z", "pattern": "[domain-name:value = 'ydjp.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ebb-ac34-47c3-905a-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:23.000Z", "modified": "2016-04-15T19:19:23.000Z", "pattern": "[domain-name:value = 'yourbroiler.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ebb-8080-47cb-9c53-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:23.000Z", "modified": "2016-04-15T19:19:23.000Z", "pattern": "[domain-name:value = 'zros.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57113ebb-2cc8-450a-bee6-5156950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2016-04-15T19:19:23.000Z", "modified": "2016-04-15T19:19:23.000Z", "pattern": "[domain-name:value = 'zryh.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-04-15T19:19:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:GREEN", "definition": { "tlp": "green" } } ] }