{ "type": "bundle", "id": "bundle--56f93f55-e6d0-45c9-8109-74ad02de0b81", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:32.000Z", "modified": "2016-03-28T14:29:32.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--56f93f55-e6d0-45c9-8109-74ad02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:32.000Z", "modified": "2016-03-28T14:29:32.000Z", "name": "Locky of the day (20160328) - affid=3", "published": "2016-03-29T13:21:29Z", "object_refs": [ "indicator--56f93f71-1e1c-4f57-974a-3f2b02de0b81", "indicator--56f93f7b-edc4-4d27-bd7c-3f2c02de0b81", "indicator--56f93f7b-44ac-4975-84f3-3f2c02de0b81", "observed-data--56f93f7b-2fa0-4325-aa27-3f2c02de0b81", "url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81", "indicator--56f93f91-ad50-4798-90bc-3f2702de0b81", "indicator--56f93f91-e500-4b6f-967b-3f2702de0b81", "indicator--56f93f91-4e5c-4bfd-8669-3f2702de0b81", "indicator--56f93f92-db3c-4944-be9f-3f2702de0b81", "indicator--56f93f92-3bc0-40a4-98e3-3f2702de0b81", "indicator--56f93f92-cc08-4a78-a453-3f2702de0b81", "indicator--56f93fb3-7fc0-429c-aa4a-3f5d02de0b81", "indicator--56f93fcc-4c84-46a6-9079-3f2f02de0b81", "indicator--56f93fcd-ad84-461c-80b2-3f2f02de0b81", "indicator--56f93fcd-d728-410b-b440-3f2f02de0b81", "indicator--56f93fcd-6f38-4be3-9645-3f2f02de0b81", "indicator--56f93fce-b880-4a0e-8755-3f2f02de0b81", "indicator--56f93fce-84d4-4104-a05f-3f2f02de0b81", "indicator--56f93fce-a728-4eca-9081-3f2f02de0b81", "indicator--56f93fcf-beac-4828-a54d-3f2f02de0b81", "indicator--56f93fcf-afe8-4514-8bf4-3f2f02de0b81", "indicator--56f93fcf-f130-485e-886d-3f2f02de0b81", "indicator--56f93fcf-0b84-4b10-a9ea-3f2f02de0b81", "indicator--56fa6e79-f934-4337-8091-43d4950d210f", "indicator--56fa6e7a-22b4-4a5e-a88b-42c4950d210f", "indicator--56fa6e7a-6234-4245-aded-4f2f950d210f", "indicator--56fa6e7a-e6dc-47de-bba3-41be950d210f", "indicator--56fa6e7b-f358-4891-9f38-4253950d210f", "indicator--56fa6e7b-ed70-4c4c-903f-49ac950d210f", "indicator--56fa6e7b-86bc-4b96-bf6c-4616950d210f", "indicator--56fa6e7b-5fd4-4a72-9b79-481b950d210f", "indicator--56fa6e7c-89c4-4b7c-9350-4509950d210f", "indicator--56fa6e7c-d424-41c5-bbf4-446a950d210f", "indicator--56fa6e7c-e9b0-4beb-a611-412b950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "type:OSINT" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f71-1e1c-4f57-974a-3f2b02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:01.000Z", "modified": "2016-03-28T14:28:01.000Z", "pattern": "[file:hashes.SHA256 = '61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f7b-edc4-4d27-bd7c-3f2c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:11.000Z", "modified": "2016-03-28T14:28:11.000Z", "description": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e", "pattern": "[file:hashes.SHA1 = '76f27ed591f0270e73dbb0853e71f80a5b32218e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha1\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f7b-44ac-4975-84f3-3f2c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:11.000Z", "modified": "2016-03-28T14:28:11.000Z", "description": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e", "pattern": "[file:hashes.MD5 = '1f1e3688f85070dd1e9a766d03b6817e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--56f93f7b-2fa0-4325-aa27-3f2c02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:11.000Z", "modified": "2016-03-28T14:28:11.000Z", "first_observed": "2016-03-28T14:28:11Z", "last_observed": "2016-03-28T14:28:11Z", "number_observed": 1, "object_refs": [ "url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81", "value": "https://www.virustotal.com/file/61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e/analysis/1459171638/" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f91-ad50-4798-90bc-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:33.000Z", "modified": "2016-03-28T14:28:33.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.63.87.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f91-e500-4b6f-967b-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:33.000Z", "modified": "2016-03-28T14:28:33.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.47.100']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f91-4e5c-4bfd-8669-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:33.000Z", "modified": "2016-03-28T14:28:33.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.72.94']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f92-db3c-4944-be9f-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:34.000Z", "modified": "2016-03-28T14:28:34.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.19.170.249']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f92-3bc0-40a4-98e3-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:34.000Z", "modified": "2016-03-28T14:28:34.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.217.8.127']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93f92-cc08-4a78-a453-3f2702de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:28:34.000Z", "modified": "2016-03-28T14:28:34.000Z", "description": "C&C", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.200.14.73']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:28:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fb3-7fc0-429c-aa4a-3f5d02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:19.000Z", "modified": "2016-03-28T14:29:19.000Z", "pattern": "[url:value = 'http://comprecaldas.com/js/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcc-4c84-46a6-9079-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:32.000Z", "modified": "2016-03-28T14:29:32.000Z", "pattern": "[url:value = 'http://comprecaldas.com/js/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcd-ad84-461c-80b2-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:33.000Z", "modified": "2016-03-28T14:29:33.000Z", "pattern": "[url:value = 'http://distrazur.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcd-d728-410b-b440-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:33.000Z", "modified": "2016-03-28T14:29:33.000Z", "pattern": "[url:value = 'http://dragonex.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcd-6f38-4be3-9645-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:33.000Z", "modified": "2016-03-28T14:29:33.000Z", "pattern": "[url:value = 'http://homedesire.co.uk/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fce-b880-4a0e-8755-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:34.000Z", "modified": "2016-03-28T14:29:34.000Z", "pattern": "[url:value = 'http://lascelta.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fce-84d4-4104-a05f-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:34.000Z", "modified": "2016-03-28T14:29:34.000Z", "pattern": "[url:value = 'http://orkneyhampers.co.uk/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fce-a728-4eca-9081-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:34.000Z", "modified": "2016-03-28T14:29:34.000Z", "pattern": "[url:value = 'http://pockettypewriter.co.uk/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcf-beac-4828-a54d-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:35.000Z", "modified": "2016-03-28T14:29:35.000Z", "pattern": "[url:value = 'http://sandbox.bottlestore.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcf-afe8-4514-8bf4-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:35.000Z", "modified": "2016-03-28T14:29:35.000Z", "pattern": "[url:value = 'http://scorpena.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcf-f130-485e-886d-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:35.000Z", "modified": "2016-03-28T14:29:35.000Z", "pattern": "[url:value = 'http://store.brugomug.co.uk/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56f93fcf-0b84-4b10-a9ea-3f2f02de0b81", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-28T14:29:35.000Z", "modified": "2016-03-28T14:29:35.000Z", "pattern": "[url:value = 'http://wholesale.undercovermama.com/765f46vb.exe']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-28T14:29:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e79-f934-4337-8091-43d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:57.000Z", "modified": "2016-03-29T12:00:57.000Z", "pattern": "[domain-name:value = 'comprecaldas.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7a-22b4-4a5e-a88b-42c4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:58.000Z", "modified": "2016-03-29T12:00:58.000Z", "pattern": "[domain-name:value = 'distrazur.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7a-6234-4245-aded-4f2f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:58.000Z", "modified": "2016-03-29T12:00:58.000Z", "pattern": "[domain-name:value = 'homedesire.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7a-e6dc-47de-bba3-41be950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:58.000Z", "modified": "2016-03-29T12:00:58.000Z", "pattern": "[domain-name:value = 'dragonex.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7b-f358-4891-9f38-4253950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:59.000Z", "modified": "2016-03-29T12:00:59.000Z", "pattern": "[domain-name:value = 'orkneyhampers.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7b-ed70-4c4c-903f-49ac950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:59.000Z", "modified": "2016-03-29T12:00:59.000Z", "pattern": "[domain-name:value = 'lascelta.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7b-86bc-4b96-bf6c-4616950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:59.000Z", "modified": "2016-03-29T12:00:59.000Z", "pattern": "[domain-name:value = 'wholesale.undercovermama.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7b-5fd4-4a72-9b79-481b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:00:59.000Z", "modified": "2016-03-29T12:00:59.000Z", "pattern": "[domain-name:value = 'pockettypewriter.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:00:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7c-89c4-4b7c-9350-4509950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:01:00.000Z", "modified": "2016-03-29T12:01:00.000Z", "pattern": "[domain-name:value = 'scorpena.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:01:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7c-d424-41c5-bbf4-446a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:01:00.000Z", "modified": "2016-03-29T12:01:00.000Z", "pattern": "[domain-name:value = 'sandbox.bottlestore.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:01:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--56fa6e7c-e9b0-4beb-a611-412b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-03-29T12:01:00.000Z", "modified": "2016-03-29T12:01:00.000Z", "pattern": "[domain-name:value = 'store.brugomug.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-03-29T12:01:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }