{ "type": "bundle", "id": "bundle--57cd8beb-79e4-4497-931f-4249950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:57.000Z", "modified": "2016-09-05T15:58:57.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57cd8beb-79e4-4497-931f-4249950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:57.000Z", "modified": "2016-09-05T15:58:57.000Z", "name": "Malspam 2016-09-05 (.wsf in .zip)", "published": "2016-09-05T15:59:08Z", "object_refs": [ "indicator--57cd8cc0-4fa8-4be1-97c3-3307950d210f", "indicator--57cd8cc1-8260-41bc-a757-3307950d210f", "indicator--57cd8cc1-db9c-477d-957d-3307950d210f", "indicator--57cd8cc1-5598-4c85-a2d9-3307950d210f", "indicator--57cd8cc1-d4f0-4693-a7e5-3307950d210f", "indicator--57cd8cc1-3640-4e27-bc8b-3307950d210f", "indicator--57cd8cc2-6398-471d-ad4e-3307950d210f", "indicator--57cd8cc2-6798-4bc5-8ba0-3307950d210f", "indicator--57cd8cc2-3430-4466-8645-3307950d210f", "indicator--57cd8cc2-e330-42ad-b14e-3307950d210f", "indicator--57cd8cc2-2814-49c3-9262-3307950d210f", "indicator--57cd8cc3-cfa4-440d-9fba-3307950d210f", "indicator--57cd8cc3-aeb4-4d74-8ecc-3307950d210f", "indicator--57cd8cc3-1700-4a49-bfc9-3307950d210f", "indicator--57cd8cc3-9d3c-43cb-b079-3307950d210f", "indicator--57cd8cc4-6218-4d8a-9217-3307950d210f", "indicator--57cd8cc4-5aec-4aeb-8c91-3307950d210f", "indicator--57cd8cc4-b24c-4f97-9fbc-3307950d210f", "indicator--57cd8cc4-113c-4299-b72a-3307950d210f", "indicator--57cd8cc4-7de4-45c4-9c92-3307950d210f", "indicator--57cd8cc5-88f0-4fac-be57-3307950d210f", "indicator--57cd8cc5-7060-47f7-b3b4-3307950d210f", "indicator--57cd8cc5-a990-4f1e-a1a4-3307950d210f", "indicator--57cd8cc5-786c-4a5b-9f56-3307950d210f", "indicator--57cd8cc5-bca8-4557-a805-3307950d210f", "indicator--57cd8cc6-d574-4136-89a5-3307950d210f", "indicator--57cd8cc6-4ff0-42e1-bdbf-3307950d210f", "indicator--57cd8cc6-6b7c-4b5a-b7d1-3307950d210f", "indicator--57cd8cc6-cb88-4b36-9fd8-3307950d210f", "indicator--57cd8cc6-6818-4cc3-bfac-3307950d210f", "indicator--57cd8cc7-def8-4723-a98d-3307950d210f", "indicator--57cd8cc7-2780-4620-8465-3307950d210f", "indicator--57cd8cc7-c2c0-4f6f-8c06-3307950d210f", "indicator--57cd8cc7-6790-4c18-ad13-3307950d210f", "indicator--57cd8cc7-ef68-4d5d-8b40-3307950d210f", "indicator--57cd8cc8-4334-47b2-a8cc-3307950d210f", "indicator--57cd8cc8-5478-430a-a2b6-3307950d210f", "indicator--57cd8cc8-d2a4-4d73-a1ba-3307950d210f", "indicator--57cd8cc8-e664-45b1-ad8a-3307950d210f", "indicator--57cd8cc9-3688-4686-a908-3307950d210f", "indicator--57cd963c-a890-4339-9597-4152950d210f", "indicator--57cd963c-4904-4473-8858-47d4950d210f", "indicator--57cd963c-cd08-438e-b0b9-4d89950d210f", "indicator--57cd963d-7938-4060-b1d1-47f5950d210f", "indicator--57cd963d-a74c-4fa1-b58a-46f3950d210f", "indicator--57cd963d-2314-413c-8bdf-4bed950d210f", "indicator--57cd963d-6a88-4f01-8e04-4544950d210f", "indicator--57cd963e-9914-4211-ab0a-43da950d210f", "indicator--57cd963e-5b48-4e93-853f-43c8950d210f", "indicator--57cd963e-5cc4-4b4c-b7c6-4c93950d210f", "indicator--57cd963e-8580-4ee8-960f-4b5a950d210f", "indicator--57cd963e-1a1c-430e-8b69-44d3950d210f", "indicator--57cd963f-edf8-4db6-b458-4912950d210f", "indicator--57cd963f-9abc-4c2e-aedb-414b950d210f", "indicator--57cd963f-c1c4-40a1-8c49-4de7950d210f", "indicator--57cd963f-4d1c-440e-af03-4bf1950d210f", "indicator--57cd9640-9c20-430d-90c8-4100950d210f", "indicator--57cd9640-f4bc-4279-99e7-4e1b950d210f", "indicator--57cd9640-6970-41ca-b5a3-4506950d210f", "indicator--57cd9640-f380-4f25-b7ae-48e8950d210f", "indicator--57cd9641-6fa4-467d-9aec-4626950d210f", "indicator--57cd9641-0068-48d3-9580-43bf950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc0-4fa8-4be1-97c3-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:24.000Z", "modified": "2016-09-05T15:18:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.147.89']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc1-8260-41bc-a757-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:25.000Z", "modified": "2016-09-05T15:18:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.33.52.18']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc1-db9c-477d-957d-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:25.000Z", "modified": "2016-09-05T15:18:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.0.121']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc1-5598-4c85-a2d9-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:25.000Z", "modified": "2016-09-05T15:18:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.238.0.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc1-d4f0-4693-a7e5-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:25.000Z", "modified": "2016-09-05T15:18:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.248.63.109']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc1-3640-4e27-bc8b-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:25.000Z", "modified": "2016-09-05T15:18:25.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.83.4.62']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc2-6398-471d-ad4e-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:26.000Z", "modified": "2016-09-05T15:18:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.37']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc2-6798-4bc5-8ba0-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:26.000Z", "modified": "2016-09-05T15:18:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.180.150.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc2-3430-4466-8645-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:26.000Z", "modified": "2016-09-05T15:18:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc2-e330-42ad-b14e-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:26.000Z", "modified": "2016-09-05T15:18:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.110.50.113']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc2-2814-49c3-9262-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:26.000Z", "modified": "2016-09-05T15:18:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.138']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc3-cfa4-440d-9fba-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:27.000Z", "modified": "2016-09-05T15:18:27.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.196.20.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc3-aeb4-4d74-8ecc-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:27.000Z", "modified": "2016-09-05T15:18:27.000Z", "description": "download location", "pattern": "[domain-name:value = 'frumuseanudaniela.go.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc3-1700-4a49-bfc9-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:27.000Z", "modified": "2016-09-05T15:18:27.000Z", "description": "download location", "pattern": "[url:value = 'http://frumuseanudaniela.go.ro/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc3-9d3c-43cb-b079-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:27.000Z", "modified": "2016-09-05T15:18:27.000Z", "description": "download location", "pattern": "[url:value = 'http://jvelizg.vtrbandaancha.net/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc4-6218-4d8a-9217-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:28.000Z", "modified": "2016-09-05T15:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://lcc.vtrbandaancha.net/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc4-5aec-4aeb-8c91-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:28.000Z", "modified": "2016-09-05T15:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://maxshoppppsr.biz/js/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc4-b24c-4f97-9fbc-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:28.000Z", "modified": "2016-09-05T15:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://monkeeey.web.fc2.com/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc4-113c-4299-b72a-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:28.000Z", "modified": "2016-09-05T15:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://roadstercrew-nw.homepage.t-online.de/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc4-7de4-45c4-9c92-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:28.000Z", "modified": "2016-09-05T15:18:28.000Z", "description": "download location", "pattern": "[url:value = 'http://www.bals.nichost.ru/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc5-88f0-4fac-be57-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:29.000Z", "modified": "2016-09-05T15:18:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.equipe4.net/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc5-7060-47f7-b3b4-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:29.000Z", "modified": "2016-09-05T15:18:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.officinaomc.com/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc5-a990-4f1e-a1a4-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:29.000Z", "modified": "2016-09-05T15:18:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.poli-mec.it/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc5-786c-4a5b-9f56-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:29.000Z", "modified": "2016-09-05T15:18:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.rossorelli.ru/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc5-bca8-4557-a805-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:29.000Z", "modified": "2016-09-05T15:18:29.000Z", "description": "download location", "pattern": "[url:value = 'http://www.trzynastkajg.republika.pl/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc6-d574-4136-89a5-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:30.000Z", "modified": "2016-09-05T15:18:30.000Z", "description": "download location", "pattern": "[url:value = 'http://www.yacht-market.eu/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc6-4ff0-42e1-bdbf-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:30.000Z", "modified": "2016-09-05T15:18:30.000Z", "description": "download location", "pattern": "[url:value = 'http://yggithuq.utawebhost.at/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc6-6b7c-4b5a-b7d1-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:30.000Z", "modified": "2016-09-05T15:18:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'jvelizg.vtrbandaancha.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc6-cb88-4b36-9fd8-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:30.000Z", "modified": "2016-09-05T15:18:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'lcc.vtrbandaancha.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc6-6818-4cc3-bfac-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:30.000Z", "modified": "2016-09-05T15:18:30.000Z", "description": "download location", "pattern": "[domain-name:value = 'maxshoppppsr.biz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc7-def8-4723-a98d-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:31.000Z", "modified": "2016-09-05T15:18:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'monkeeey.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc7-2780-4620-8465-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:31.000Z", "modified": "2016-09-05T15:18:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'roadstercrew-nw.homepage.t-online.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc7-c2c0-4f6f-8c06-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:31.000Z", "modified": "2016-09-05T15:18:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.bals.nichost.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc7-6790-4c18-ad13-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:31.000Z", "modified": "2016-09-05T15:18:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.equipe4.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc7-ef68-4d5d-8b40-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:31.000Z", "modified": "2016-09-05T15:18:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.officinaomc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc8-4334-47b2-a8cc-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:32.000Z", "modified": "2016-09-05T15:18:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.poli-mec.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc8-5478-430a-a2b6-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:32.000Z", "modified": "2016-09-05T15:18:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.rossorelli.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc8-d2a4-4d73-a1ba-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:32.000Z", "modified": "2016-09-05T15:18:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.trzynastkajg.republika.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc8-e664-45b1-ad8a-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:32.000Z", "modified": "2016-09-05T15:18:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.yacht-market.eu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd8cc9-3688-4686-a908-3307950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:18:33.000Z", "modified": "2016-09-05T15:18:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'yggithuq.utawebhost.at']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:18:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963c-a890-4339-9597-4152950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:52.000Z", "modified": "2016-09-05T15:58:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963c-4904-4473-8858-47d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:52.000Z", "modified": "2016-09-05T15:58:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.62']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963c-cd08-438e-b0b9-4d89950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:52.000Z", "modified": "2016-09-05T15:58:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.46.196.141']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963d-7938-4060-b1d1-47f5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:53.000Z", "modified": "2016-09-05T15:58:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.95.106.213']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963d-a74c-4fa1-b58a-46f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:53.000Z", "modified": "2016-09-05T15:58:53.000Z", "description": "download location", "pattern": "[domain-name:value = '52433865.fn.freenet-hosting.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963d-2314-413c-8bdf-4bed950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:53.000Z", "modified": "2016-09-05T15:58:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '68.65.121.203']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963d-6a88-4f01-8e04-4544950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:53.000Z", "modified": "2016-09-05T15:58:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.153']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963e-9914-4211-ab0a-43da950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:54.000Z", "modified": "2016-09-05T15:58:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'deemc.homepage.t-online.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963e-5b48-4e93-853f-43c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:54.000Z", "modified": "2016-09-05T15:58:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'gregor-weiss.business.t-online.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963e-5cc4-4b4c-b7c6-4c93950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:54.000Z", "modified": "2016-09-05T15:58:54.000Z", "description": "download location", "pattern": "[url:value = 'http://52433865.fn.freenet-hosting.de/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963e-8580-4ee8-960f-4b5a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:54.000Z", "modified": "2016-09-05T15:58:54.000Z", "description": "download location", "pattern": "[url:value = 'http://deemc.homepage.t-online.de/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963e-1a1c-430e-8b69-44d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:54.000Z", "modified": "2016-09-05T15:58:54.000Z", "description": "download location", "pattern": "[url:value = 'http://gregor-weiss.business.t-online.de/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963f-edf8-4db6-b458-4912950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:55.000Z", "modified": "2016-09-05T15:58:55.000Z", "description": "download location", "pattern": "[url:value = 'http://miyufortuneteller.web.fc2.com/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963f-9abc-4c2e-aedb-414b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:55.000Z", "modified": "2016-09-05T15:58:55.000Z", "description": "download location", "pattern": "[url:value = 'http://mojejeze.republika.pl/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963f-c1c4-40a1-8c49-4de7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:55.000Z", "modified": "2016-09-05T15:58:55.000Z", "description": "download location", "pattern": "[url:value = 'http://quietvain.nobody.jp/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd963f-4d1c-440e-af03-4bf1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:55.000Z", "modified": "2016-09-05T15:58:55.000Z", "description": "download location", "pattern": "[url:value = 'http://tensai.wallst.ru/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9640-9c20-430d-90c8-4100950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:56.000Z", "modified": "2016-09-05T15:58:56.000Z", "description": "download location", "pattern": "[url:value = 'http://treasure-force.com/87b3ff3rc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9640-f4bc-4279-99e7-4e1b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:56.000Z", "modified": "2016-09-05T15:58:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'miyufortuneteller.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9640-6970-41ca-b5a3-4506950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:56.000Z", "modified": "2016-09-05T15:58:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'mojejeze.republika.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9640-f380-4f25-b7ae-48e8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:56.000Z", "modified": "2016-09-05T15:58:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'quietvain.nobody.jp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9641-6fa4-467d-9aec-4626950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:57.000Z", "modified": "2016-09-05T15:58:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'tensai.wallst.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57cd9641-0068-48d3-9580-43bf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-09-05T15:58:57.000Z", "modified": "2016-09-05T15:58:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'treasure-force.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-09-05T15:58:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }