{ "type": "bundle", "id": "bundle--57713b14-8448-4859-a6ab-44a6950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:13.000Z", "modified": "2016-06-27T15:41:13.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57713b14-8448-4859-a6ab-44a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:13.000Z", "modified": "2016-06-27T15:41:13.000Z", "name": "Malspam 2016-06-27", "published": "2016-06-27T15:41:56Z", "object_refs": [ "indicator--57713b7c-971c-4865-b5bf-423c950d210f", "indicator--57713b7c-654c-4cb9-b59e-4f5c950d210f", "indicator--57713b7c-72ec-4162-a59b-42e4950d210f", "indicator--57713b7c-74c4-4e7e-bed3-43da950d210f", "indicator--57713b7d-6c48-4f32-b79a-47dd950d210f", "indicator--57713b7d-5054-4473-98f6-42a0950d210f", "indicator--57713b7d-34c4-4a15-883e-451f950d210f", "indicator--57713b7d-2748-4ad3-8123-4cf4950d210f", "indicator--57713b7e-53d8-4e21-9bc9-4656950d210f", "indicator--57713b7e-e3fc-43ee-b01b-4db2950d210f", "indicator--57713b7e-1ba4-4667-9879-4369950d210f", "indicator--57713b7e-0428-44ab-bd71-44ee950d210f", "indicator--57713b7e-0ca8-4dad-abe2-40b6950d210f", "indicator--57713b7f-963c-4599-99ac-4741950d210f", "indicator--57713b7f-b67c-42dd-85fc-4dc0950d210f", "indicator--57713b7f-5ac4-4cec-a670-4a1c950d210f", "indicator--57713b7f-3154-4897-b6dd-48e7950d210f", "indicator--57713b7f-842c-491d-8ca9-4c3d950d210f", "indicator--57713b80-c64c-4f0d-9603-4496950d210f", "indicator--57713b80-6818-42a2-b4e5-4c44950d210f", "indicator--57713b80-1bc0-4bf2-b0d7-40d8950d210f", "indicator--57713b80-e324-46f0-bbf8-4df6950d210f", "indicator--57713b81-6c80-4862-b457-4c1e950d210f", "indicator--57713b81-f2a8-4074-b599-4397950d210f", "indicator--57713b81-fc2c-4d36-a5f6-4f28950d210f", "indicator--57713b81-f8ec-45d6-958a-4e61950d210f", "indicator--57713b81-72f0-4f8a-a91a-43b9950d210f", "indicator--57713b82-ebe4-4a41-b586-4b7d950d210f", "indicator--57713b82-413c-427e-a13a-4b11950d210f", "indicator--57713b82-93d4-4d69-bff0-4635950d210f", "indicator--57713b82-2a74-41a4-81e8-411b950d210f", "indicator--57713b82-a6c4-46de-8d12-4eb1950d210f", "indicator--57713b83-e87c-4d41-b810-409f950d210f", "indicator--57713b83-4a14-4d39-8c99-45f0950d210f", "indicator--57713b83-d98c-47c8-a31b-41da950d210f", "indicator--57713b83-70dc-43d5-85cc-47bd950d210f", "indicator--57713b84-9c9c-4ecb-91ed-4284950d210f", "indicator--57713b84-ae54-492f-ae37-4959950d210f", "indicator--57713b84-d720-4561-b1f9-4a17950d210f", "indicator--57713b84-9108-4165-9055-4ffc950d210f", "indicator--57713b84-99a0-408c-a6a4-445d950d210f", "indicator--57713b85-aee4-4a83-9551-4be8950d210f", "indicator--57713b85-8768-4e28-beb7-48c6950d210f", "indicator--57713b85-08e8-4b74-90f7-4c62950d210f", "indicator--57713b85-66ac-41d9-9486-4d81950d210f", "indicator--57713b85-75b4-4a85-af86-42f3950d210f", "indicator--57713b86-f544-4afa-9255-4a16950d210f", "indicator--57713b86-9f04-46b3-89f0-45d5950d210f", "indicator--57713b86-fa90-4cdf-9404-4fa5950d210f", "indicator--57713b86-27e8-4bd3-a6c2-45bc950d210f", "indicator--57713b87-63ec-4105-8b70-4b50950d210f", "indicator--57713b87-0700-4c60-ac5b-47eb950d210f", "indicator--57713b87-f650-4417-890f-414c950d210f", "indicator--57713b87-8454-44ae-85cb-474d950d210f", "indicator--57713b87-02e0-4aaf-a2df-4ab9950d210f", "indicator--57713b88-51c8-41e1-8abe-48e5950d210f", "indicator--57713b88-2a1c-4ac8-88c0-480a950d210f", "indicator--57713b88-a070-48dd-82a2-40da950d210f", "indicator--57713b88-8914-4618-aa80-4ada950d210f", "indicator--57713b88-9064-4fae-9859-422c950d210f", "indicator--57713b88-a23c-48c5-9006-4cd0950d210f", "indicator--57713b89-46c8-45e0-9a89-4dc0950d210f", "indicator--57713b89-46a8-4124-8f64-48c5950d210f", "indicator--57713b89-6cc4-4b92-be0e-4372950d210f", "indicator--57713b89-7d0c-4297-b735-4ffb950d210f", "indicator--5771455a-0f68-472e-89eb-4042950d210f", "indicator--5771455b-c51c-4622-9034-425e950d210f", "indicator--5771455b-d9b8-46bc-8ad0-4c3d950d210f", "indicator--5771455c-e018-49a0-bad8-4566950d210f", "indicator--5771455c-117c-4f1c-97df-4c8f950d210f", "indicator--5771455c-a6d8-4954-865e-409b950d210f", "indicator--5771455d-2350-4bc4-992f-4994950d210f", "indicator--5771455d-6498-4bd0-97e5-4df7950d210f", "indicator--5771455e-e328-46c4-87c1-4d31950d210f", "indicator--5771455e-c980-427b-b68b-47dc950d210f", "indicator--5771455e-edfc-4bf0-aa62-487d950d210f", "indicator--5771455f-5a6c-49b3-9fee-431d950d210f", "indicator--57714911-6530-4b65-847d-7d90950d210f", "indicator--57714911-7dd0-427e-92ae-7d90950d210f", "indicator--57714911-a498-4821-bd7d-7d90950d210f", "indicator--57714911-abc8-491c-855d-7d90950d210f", "indicator--57714911-4280-40d7-9098-7d90950d210f", "indicator--57714912-bc34-4e3b-9c79-7d90950d210f", "indicator--57714912-6ab4-4ce1-9f2e-7d90950d210f", "indicator--57714912-44d8-4d06-a5f6-7d90950d210f", "indicator--57714912-0448-4866-955f-7d90950d210f", "indicator--57714913-5f20-4e0d-835a-7d90950d210f", "indicator--57714913-bafc-4d0e-8df3-7d90950d210f", "indicator--57714913-380c-4fb7-9259-7d90950d210f", "indicator--57714913-8c38-42c7-a089-7d90950d210f", "indicator--57714914-2cb8-48b5-be6c-7d90950d210f", "indicator--57714914-7778-43c3-a6ec-7d90950d210f", "indicator--57714914-12d8-4d7b-aeba-7d90950d210f", "indicator--57714915-9274-4f37-a200-7d90950d210f", "indicator--57714915-24b0-498a-8aab-7d90950d210f", "indicator--57714916-98d8-4276-84be-7d90950d210f", "indicator--57714916-2390-439d-87bd-7d90950d210f", "indicator--57714917-aac0-4921-9772-7d90950d210f", "indicator--57714917-6168-4f89-9bff-7d90950d210f", "indicator--57714917-002c-4d51-8ff9-7d90950d210f", "indicator--57714918-9270-4811-9535-7d90950d210f", "indicator--57714918-7c20-47f1-8116-7d90950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT", "circl:incident-classification=\"malware\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7c-971c-4865-b5bf-423c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:08.000Z", "modified": "2016-06-27T14:43:08.000Z", "description": "download location", "pattern": "[url:value = 'http://addonworks.com/aaotksj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7c-654c-4cb9-b59e-4f5c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:08.000Z", "modified": "2016-06-27T14:43:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'addonworks.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7c-72ec-4162-a59b-42e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:08.000Z", "modified": "2016-06-27T14:43:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.210.108.162']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7c-74c4-4e7e-bed3-43da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:08.000Z", "modified": "2016-06-27T14:43:08.000Z", "description": "download location", "pattern": "[url:value = 'http://babycotsonline.com/hiy96z']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7d-6c48-4f32-b79a-47dd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:09.000Z", "modified": "2016-06-27T14:43:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'babycotsonline.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7d-5054-4473-98f6-42a0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:09.000Z", "modified": "2016-06-27T14:43:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.146.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7d-34c4-4a15-883e-451f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:09.000Z", "modified": "2016-06-27T14:43:09.000Z", "description": "download location", "pattern": "[url:value = 'http://certifiedbanker.org/faplav8m']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7d-2748-4ad3-8123-4cf4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:09.000Z", "modified": "2016-06-27T14:43:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'certifiedbanker.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7e-53d8-4e21-9bc9-4656950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:10.000Z", "modified": "2016-06-27T14:43:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.63.125.135']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7e-e3fc-43ee-b01b-4db2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:10.000Z", "modified": "2016-06-27T14:43:10.000Z", "description": "download location", "pattern": "[url:value = 'http://300tomoli.it/0qgidk55']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7e-1ba4-4667-9879-4369950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:10.000Z", "modified": "2016-06-27T14:43:10.000Z", "description": "download location", "pattern": "[domain-name:value = '300tomoli.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7e-0428-44ab-bd71-44ee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:10.000Z", "modified": "2016-06-27T14:43:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.73.226.220']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7e-0ca8-4dad-abe2-40b6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:10.000Z", "modified": "2016-06-27T14:43:10.000Z", "description": "download location", "pattern": "[url:value = 'http://immoclic.o2switch.net/mpzkos32']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7f-963c-4599-99ac-4741950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:11.000Z", "modified": "2016-06-27T14:43:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'immoclic.o2switch.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7f-b67c-42dd-85fc-4dc0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:11.000Z", "modified": "2016-06-27T14:43:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.160.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7f-5ac4-4cec-a670-4a1c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:11.000Z", "modified": "2016-06-27T14:43:11.000Z", "description": "download location", "pattern": "[url:value = 'http://clients.seospell.co.in/8jq6cu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7f-3154-4897-b6dd-48e7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:11.000Z", "modified": "2016-06-27T14:43:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'clients.seospell.co.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b7f-842c-491d-8ca9-4c3d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:11.000Z", "modified": "2016-06-27T14:43:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.131.128']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b80-c64c-4f0d-9603-4496950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:12.000Z", "modified": "2016-06-27T14:43:12.000Z", "description": "download location", "pattern": "[url:value = 'http://mycreativeprint.com/f9qa60q']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b80-6818-42a2-b4e5-4c44950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:12.000Z", "modified": "2016-06-27T14:43:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'mycreativeprint.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b80-1bc0-4bf2-b0d7-40d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:12.000Z", "modified": "2016-06-27T14:43:12.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.198.185']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b80-e324-46f0-bbf8-4df6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:12.000Z", "modified": "2016-06-27T14:43:12.000Z", "description": "download location", "pattern": "[url:value = 'http://asliaypak.com/zcubi7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b81-6c80-4862-b457-4c1e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:13.000Z", "modified": "2016-06-27T14:43:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'asliaypak.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b81-f2a8-4074-b599-4397950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:13.000Z", "modified": "2016-06-27T14:43:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.54.115.218']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b81-fc2c-4d36-a5f6-4f28950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:13.000Z", "modified": "2016-06-27T14:43:13.000Z", "description": "download location", "pattern": "[url:value = 'http://atlantaelectronics.co.id/kjdfbm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b81-f8ec-45d6-958a-4e61950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:13.000Z", "modified": "2016-06-27T14:43:13.000Z", "description": "download location", "pattern": "[domain-name:value = 'atlantaelectronics.co.id']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b81-72f0-4f8a-a91a-43b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:13.000Z", "modified": "2016-06-27T14:43:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.241.184.10']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b82-ebe4-4a41-b586-4b7d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:14.000Z", "modified": "2016-06-27T14:43:14.000Z", "description": "download location", "pattern": "[url:value = 'http://euro-support.be/jo1s8r3k']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b82-413c-427e-a13a-4b11950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:14.000Z", "modified": "2016-06-27T14:43:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'euro-support.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b82-93d4-4d69-bff0-4635950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:14.000Z", "modified": "2016-06-27T14:43:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.62.167.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b82-2a74-41a4-81e8-411b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:14.000Z", "modified": "2016-06-27T14:43:14.000Z", "description": "download location", "pattern": "[url:value = 'http://192.186.246.134/~advancedptr/4kw2yb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b82-a6c4-46de-8d12-4eb1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:14.000Z", "modified": "2016-06-27T14:43:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.246.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b83-e87c-4d41-b810-409f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:15.000Z", "modified": "2016-06-27T14:43:15.000Z", "description": "download location", "pattern": "[url:value = 'http://sherlock.uvishere.com/2ujlndd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b83-4a14-4d39-8c99-45f0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:15.000Z", "modified": "2016-06-27T14:43:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'sherlock.uvishere.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b83-d98c-47c8-a31b-41da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:15.000Z", "modified": "2016-06-27T14:43:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.195.124.97']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b83-70dc-43d5-85cc-47bd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:15.000Z", "modified": "2016-06-27T14:43:15.000Z", "description": "download location", "pattern": "[url:value = 'http://climairuk.com/bv7haqcm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b84-9c9c-4ecb-91ed-4284950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:16.000Z", "modified": "2016-06-27T14:43:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'climairuk.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b84-ae54-492f-ae37-4959950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:16.000Z", "modified": "2016-06-27T14:43:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.118.237.109']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b84-d720-4561-b1f9-4a17950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:16.000Z", "modified": "2016-06-27T14:43:16.000Z", "description": "download location", "pattern": "[url:value = 'http://delicious-doughnuts.net/t81of0k']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b84-9108-4165-9055-4ffc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:16.000Z", "modified": "2016-06-27T14:43:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'delicious-doughnuts.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b84-99a0-408c-a6a4-445d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:16.000Z", "modified": "2016-06-27T14:43:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.160.76.117']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b85-aee4-4a83-9551-4be8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:17.000Z", "modified": "2016-06-27T14:43:17.000Z", "description": "download location", "pattern": "[url:value = 'http://217.172.226.2/~redpaluch/8ji21s5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b85-8768-4e28-beb7-48c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:17.000Z", "modified": "2016-06-27T14:43:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.172.226.2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b85-08e8-4b74-90f7-4c62950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:17.000Z", "modified": "2016-06-27T14:43:17.000Z", "description": "download location", "pattern": "[url:value = 'http://www.centroinfantilelmolino.com/2sgw0ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b85-66ac-41d9-9486-4d81950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:17.000Z", "modified": "2016-06-27T14:43:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.centroinfantilelmolino.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b85-75b4-4a85-af86-42f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:17.000Z", "modified": "2016-06-27T14:43:17.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.76.156.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b86-f544-4afa-9255-4a16950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:18.000Z", "modified": "2016-06-27T14:43:18.000Z", "description": "download location", "pattern": "[url:value = 'http://216.218.93.172/~thelma2/7a4q7knx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b86-9f04-46b3-89f0-45d5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:18.000Z", "modified": "2016-06-27T14:43:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.218.93.172']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b86-fa90-4cdf-9404-4fa5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:18.000Z", "modified": "2016-06-27T14:43:18.000Z", "description": "download location", "pattern": "[url:value = 'http://focolareostuni.it/1tl199rq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b86-27e8-4bd3-a6c2-45bc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:18.000Z", "modified": "2016-06-27T14:43:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'focolareostuni.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b87-63ec-4105-8b70-4b50950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:19.000Z", "modified": "2016-06-27T14:43:19.000Z", "description": "download location", "pattern": "[url:value = 'http://angeelle.nichost.ru/sf0bm5rz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b87-0700-4c60-ac5b-47eb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:19.000Z", "modified": "2016-06-27T14:43:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'angeelle.nichost.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b87-f650-4417-890f-414c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:19.000Z", "modified": "2016-06-27T14:43:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.0.136']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b87-8454-44ae-85cb-474d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:19.000Z", "modified": "2016-06-27T14:43:19.000Z", "description": "download location", "pattern": "[url:value = 'http://empiredeckandfence.com/8wytfp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b87-02e0-4aaf-a2df-4ab9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:19.000Z", "modified": "2016-06-27T14:43:19.000Z", "description": "download location", "pattern": "[domain-name:value = 'empiredeckandfence.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-51c8-41e1-8abe-48e5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.225.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-2a1c-4ac8-88c0-480a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[url:value = 'http://3141592.ru/rvhijql']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-a070-48dd-82a2-40da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[domain-name:value = '3141592.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-8914-4618-aa80-4ada950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.53.126.193']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-9064-4fae-9859-422c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[url:value = 'http://bobbysinghwpg.com/fx1jpyt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b88-a23c-48c5-9006-4cd0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:20.000Z", "modified": "2016-06-27T14:43:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'bobbysinghwpg.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b89-46c8-45e0-9a89-4dc0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:21.000Z", "modified": "2016-06-27T14:43:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.246.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b89-46a8-4124-8f64-48c5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:21.000Z", "modified": "2016-06-27T14:43:21.000Z", "description": "download location", "pattern": "[url:value = 'http://bisericaromaneasca.ro/amfcy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b89-6cc4-4b92-be0e-4372950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:21.000Z", "modified": "2016-06-27T14:43:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'bisericaromaneasca.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57713b89-7d0c-4297-b735-4ffb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T14:43:21.000Z", "modified": "2016-06-27T14:43:21.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.106.30.71']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T14:43:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455a-0f68-472e-89eb-4042950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:14.000Z", "modified": "2016-06-27T15:25:14.000Z", "description": "download location", "pattern": "[url:value = 'http://cameramartusa.info/qaghx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455b-c51c-4622-9034-425e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:15.000Z", "modified": "2016-06-27T15:25:15.000Z", "description": "download location", "pattern": "[domain-name:value = 'cameramartusa.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455b-d9b8-46bc-8ad0-4c3d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:15.000Z", "modified": "2016-06-27T15:25:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.24.238']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455c-e018-49a0-bad8-4566950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:16.000Z", "modified": "2016-06-27T15:25:16.000Z", "description": "download location", "pattern": "[url:value = 'http://staffsolut.nichost.ru/wif31sug']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455c-117c-4f1c-97df-4c8f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:16.000Z", "modified": "2016-06-27T15:25:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'staffsolut.nichost.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455c-a6d8-4954-865e-409b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:16.000Z", "modified": "2016-06-27T15:25:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.1.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455d-2350-4bc4-992f-4994950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:17.000Z", "modified": "2016-06-27T15:25:17.000Z", "description": "download location", "pattern": "[url:value = 'http://beautifulhosting.com.au/ljtxwrr4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455d-6498-4bd0-97e5-4df7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:17.000Z", "modified": "2016-06-27T15:25:17.000Z", "description": "download location", "pattern": "[domain-name:value = 'beautifulhosting.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455e-e328-46c4-87c1-4d31950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:18.000Z", "modified": "2016-06-27T15:25:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.178.249']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455e-c980-427b-b68b-47dc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:18.000Z", "modified": "2016-06-27T15:25:18.000Z", "description": "download location", "pattern": "[url:value = 'http://tip.ub.ac.id/bzrnweoo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455e-edfc-4bf0-aa62-487d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:18.000Z", "modified": "2016-06-27T15:25:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'tip.ub.ac.id']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5771455f-5a6c-49b3-9fee-431d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:25:19.000Z", "modified": "2016-06-27T15:25:19.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.45.184.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:25:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714911-6530-4b65-847d-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:05.000Z", "modified": "2016-06-27T15:41:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.152.168.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714911-7dd0-427e-92ae-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:05.000Z", "modified": "2016-06-27T15:41:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.6.169.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714911-a498-4821-bd7d-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:05.000Z", "modified": "2016-06-27T15:41:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.171.252.26']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714911-abc8-491c-855d-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:05.000Z", "modified": "2016-06-27T15:41:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.171.0.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714911-4280-40d7-9098-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:05.000Z", "modified": "2016-06-27T15:41:05.000Z", "description": "download location", "pattern": "[domain-name:value = '4k18.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714912-bc34-4e3b-9c79-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:06.000Z", "modified": "2016-06-27T15:41:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.244.134.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714912-6ab4-4ce1-9f2e-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:06.000Z", "modified": "2016-06-27T15:41:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.140.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714912-44d8-4d06-a5f6-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:06.000Z", "modified": "2016-06-27T15:41:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.140.32.172']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714912-0448-4866-955f-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:06.000Z", "modified": "2016-06-27T15:41:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.96.159.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714913-5f20-4e0d-835a-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:07.000Z", "modified": "2016-06-27T15:41:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.42.39.67']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714913-bafc-4d0e-8df3-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:07.000Z", "modified": "2016-06-27T15:41:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'adbm.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714913-380c-4fb7-9259-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:07.000Z", "modified": "2016-06-27T15:41:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'camera-test.hi2.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714913-8c38-42c7-a089-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:07.000Z", "modified": "2016-06-27T15:41:07.000Z", "description": "download location", "pattern": "[url:value = 'http://210.171.0.30/~akfa8701/76p9su']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714914-2cb8-48b5-be6c-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:08.000Z", "modified": "2016-06-27T15:41:08.000Z", "description": "download location", "pattern": "[url:value = 'http://217.172.226.2/~vikolor/3pdqsh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714914-7778-43c3-a6ec-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:08.000Z", "modified": "2016-06-27T15:41:08.000Z", "description": "download location", "pattern": "[url:value = 'http://4k18.com/lpschs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714914-12d8-4d7b-aeba-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:08.000Z", "modified": "2016-06-27T15:41:08.000Z", "description": "download location", "pattern": "[url:value = 'http://80.244.134.169/x4jzt5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714915-9274-4f37-a200-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:09.000Z", "modified": "2016-06-27T15:41:09.000Z", "description": "download location", "pattern": "[url:value = 'http://82.140.32.172/~hoddl/4etb1e1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714915-24b0-498a-8aab-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:09.000Z", "modified": "2016-06-27T15:41:09.000Z", "description": "download location", "pattern": "[url:value = 'http://adbm.co.uk/104ky']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714916-98d8-4276-84be-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:10.000Z", "modified": "2016-06-27T15:41:10.000Z", "description": "download location", "pattern": "[url:value = 'http://camera-test.hi2.ro/5w9tcm']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714916-2390-439d-87bd-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:10.000Z", "modified": "2016-06-27T15:41:10.000Z", "description": "download location", "pattern": "[url:value = 'http://hudebiah.net/vyz44p8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714917-aac0-4921-9772-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:11.000Z", "modified": "2016-06-27T15:41:11.000Z", "description": "download location", "pattern": "[url:value = 'http://jd-products.nl/msjswnn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714917-6168-4f89-9bff-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:11.000Z", "modified": "2016-06-27T15:41:11.000Z", "description": "download location", "pattern": "[url:value = 'http://potolok-profit.ru/w9oyt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714917-002c-4d51-8ff9-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:11.000Z", "modified": "2016-06-27T15:41:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'hudebiah.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714918-9270-4811-9535-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:12.000Z", "modified": "2016-06-27T15:41:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'jd-products.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57714918-7c20-47f1-8116-7d90950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-06-27T15:41:12.000Z", "modified": "2016-06-27T15:41:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'potolok-profit.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-06-27T15:41:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] } ] }