{ "type": "bundle", "id": "bundle--57bea9ac-bb00-4243-be64-bbe9950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:24:32.000Z", "modified": "2016-08-25T08:24:32.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57bea9ac-bb00-4243-be64-bbe9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:24:32.000Z", "modified": "2016-08-25T08:24:32.000Z", "name": "Malspam 2016-08-25 (.js in .zip) - campaign: \"Contract\"", "published": "2016-08-25T08:25:08Z", "object_refs": [ "indicator--57bea9dd-3d0c-43b7-a1d6-bec6950d210f", "indicator--57bea9de-b478-4502-aa8b-bec6950d210f", "indicator--57bea9de-311c-47db-a9eb-bec6950d210f", "indicator--57bea9de-21f0-4e6e-b478-bec6950d210f", "indicator--57bea9de-4268-4f36-aa09-bec6950d210f", "indicator--57bea9df-ff90-4c43-a249-bec6950d210f", "indicator--57bea9df-b808-42b4-aae6-bec6950d210f", "indicator--57bea9df-1038-4d72-b23d-bec6950d210f", "indicator--57bea9df-a784-4e06-be7b-bec6950d210f", "indicator--57bea9df-ce40-4a97-ba6a-bec6950d210f", "indicator--57bea9e0-1b38-4e59-bd51-bec6950d210f", "indicator--57bea9e0-ec70-4bc9-af84-bec6950d210f", "indicator--57bea9e0-7b0c-4281-b89d-bec6950d210f", "indicator--57bea9e0-1b20-44a7-b968-bec6950d210f", "indicator--57bea9e1-ad90-4ea3-a3a3-bec6950d210f", "indicator--57bea9e1-6160-422e-92e4-bec6950d210f", "indicator--57bea9e1-2bb4-4cab-9122-bec6950d210f", "indicator--57bea9e1-2a98-4ac1-bf32-bec6950d210f", "indicator--57bea9e2-7670-4be3-8a62-bec6950d210f", "indicator--57bea9e2-9510-44d3-9304-bec6950d210f", "indicator--57bea9e2-d6a4-470c-8edd-bec6950d210f", "indicator--57bea9e2-f9d8-49d0-acaf-bec6950d210f", "indicator--57bea9e2-da84-45b2-b425-bec6950d210f", "indicator--57bea9e3-d024-4660-9437-bec6950d210f", "indicator--57bea9e3-9058-4251-9f38-bec6950d210f", "indicator--57bea9e3-9d80-4ef5-a34d-bec6950d210f", "indicator--57bea9e3-308c-4a6b-81e1-bec6950d210f", "indicator--57bea9e4-e6fc-42dc-ab1c-bec6950d210f", "indicator--57bea9e4-bc30-4cba-806f-bec6950d210f", "indicator--57bea9e4-022c-496f-848d-bec6950d210f", "indicator--57bea9e4-770c-4486-b2b3-bec6950d210f", "indicator--57bea9e4-e438-4f0f-8e15-bec6950d210f", "indicator--57bea9e5-2668-4546-960e-bec6950d210f", "indicator--57bea9e5-8ed4-480f-b98a-bec6950d210f", "indicator--57bea9e5-b0f4-45a5-9076-bec6950d210f", "indicator--57bea9e5-c7e4-4d88-ab09-bec6950d210f", "indicator--57bea9e6-bf54-4583-a872-bec6950d210f", "indicator--57bea9e6-3088-46fc-96e2-bec6950d210f", "indicator--57bea9e6-3868-4f8b-a18e-bec6950d210f", "indicator--57bea9e6-6770-4820-8ed2-bec6950d210f", "indicator--57bea9e7-adbc-4c2d-abb7-bec6950d210f", "indicator--57bea9e7-4470-449e-aea0-bec6950d210f", "indicator--57bea9e7-ac3c-41ad-b0bb-bec6950d210f", "indicator--57bea9e7-eacc-42b3-940d-bec6950d210f", "indicator--57bea9e7-1d40-4f66-868c-bec6950d210f", "indicator--57bea9e8-98ac-4b91-b096-bec6950d210f", "indicator--57bea9e8-9898-41d1-b991-bec6950d210f", "indicator--57bea9e8-7a40-4563-a21c-bec6950d210f", "indicator--57bea9e8-b094-47f6-9a01-bec6950d210f", "indicator--57bea9e8-4670-4b73-938d-bec6950d210f", "indicator--57bea9e9-2860-440f-99a8-bec6950d210f", "indicator--57bea9e9-fbc8-4411-bc27-bec6950d210f", "indicator--57bea9e9-8350-46b6-ae2c-bec6950d210f", "indicator--57bea9e9-12e8-4ad3-a6e9-bec6950d210f", "indicator--57bea9e9-eddc-4ffd-8111-bec6950d210f", "indicator--57bea9ea-875c-4594-9a59-bec6950d210f", "indicator--57bea9ea-8940-41be-91e1-bec6950d210f", "indicator--57bea9ea-5a34-4e0e-abe2-bec6950d210f", "indicator--57bea9ea-e1d4-481e-a43f-bec6950d210f", "indicator--57bea9eb-f448-45f9-8c7f-bec6950d210f", "indicator--57bea9eb-2704-4998-91dd-bec6950d210f", "indicator--57bea9eb-9890-4519-b1c5-bec6950d210f", "indicator--57bea9eb-d8ec-4dcf-97d5-bec6950d210f", "indicator--57bea9eb-cfdc-424d-804a-bec6950d210f", "indicator--57bea9eb-c12c-4027-ae1a-bec6950d210f", "indicator--57bea9ec-cb00-405b-b908-bec6950d210f", "indicator--57bea9ec-7b90-4db5-90ba-bec6950d210f", "indicator--57bea9ec-43dc-4b25-b853-bec6950d210f", "indicator--57bea9ec-a328-4f47-947c-bec6950d210f", "indicator--57bea9ec-d4a0-42d1-a021-bec6950d210f", "indicator--57bea9ed-796c-40fe-9407-bec6950d210f", "indicator--57bea9ed-a1cc-44ad-922a-bec6950d210f", "indicator--57bea9ed-1af4-40d9-9ea1-bec6950d210f", "indicator--57bea9ed-eec8-47d9-878b-bec6950d210f", "indicator--57bea9ed-ce6c-46cd-be92-bec6950d210f", "indicator--57bea9ee-45a8-4a4b-8c85-bec6950d210f", "indicator--57bea9ee-f4f0-4fef-87db-bec6950d210f", "indicator--57bea9ee-6c3c-4b6a-8596-bec6950d210f", "indicator--57bea9ee-f308-4454-a294-bec6950d210f", "indicator--57bea9ee-cf54-42e5-8297-bec6950d210f", "indicator--57bea9ee-214c-424e-a0e2-bec6950d210f", "indicator--57bea9ef-18e4-4736-aa17-bec6950d210f", "indicator--57bea9ef-3de8-419b-bac6-bec6950d210f", "indicator--57bea9ef-2eec-4f5d-939e-bec6950d210f", "indicator--57bea9ef-4eb8-46c7-9019-bec6950d210f", "indicator--57bea9ef-7514-4367-8270-bec6950d210f", "indicator--57bea9f0-2924-4dcc-bad1-bec6950d210f", "indicator--57bea9f0-f350-4cbc-ae3e-bec6950d210f", "indicator--57bea9f0-6664-4fc9-af04-bec6950d210f", "indicator--57bea9f0-a12c-4fe2-8356-bec6950d210f", "indicator--57bea9f0-1488-4b46-b4d3-bec6950d210f", "indicator--57bea9f1-fda8-4c37-ba1c-bec6950d210f", "indicator--57bea9f1-9494-4d87-bccf-bec6950d210f", "indicator--57bea9f1-a9b0-4542-acf4-bec6950d210f", "indicator--57bea9f1-6860-41b7-94a8-bec6950d210f", "indicator--57bea9f1-7e74-430a-aead-bec6950d210f", "indicator--57bea9f2-7920-4cb4-b06a-bec6950d210f", "indicator--57bea9f2-6968-42db-88c6-bec6950d210f", "indicator--57bea9f2-19e8-422b-811f-bec6950d210f", "indicator--57bea9f2-160c-4f56-bfaf-bec6950d210f", "indicator--57bea9f3-f648-4fd6-a9c3-bec6950d210f", "indicator--57bea9f3-e16c-47c7-a79a-bec6950d210f", "indicator--57bea9f3-8480-44d5-8055-bec6950d210f", "indicator--57bea9f3-6670-4780-9fac-bec6950d210f", "indicator--57bea9f3-9c70-4653-9525-bec6950d210f", "indicator--57bea9f4-0418-49cb-a503-bec6950d210f", "indicator--57bea9f4-63fc-4147-b0b0-bec6950d210f", "indicator--57bea9f4-9050-4dea-af58-bec6950d210f", "indicator--57bea9f4-ae4c-4239-85ae-bec6950d210f", "indicator--57bea9f4-c768-48cc-bb10-bec6950d210f", "indicator--57bea9f5-8e30-4511-bf87-bec6950d210f", "indicator--57bea9f5-18dc-454c-be73-bec6950d210f", "indicator--57bea9f5-8bac-48ca-8877-bec6950d210f", "indicator--57bea9f5-894c-4e8b-9638-bec6950d210f", "indicator--57bea9f5-35f4-413b-a10a-bec6950d210f", "indicator--57bea9f6-5010-432e-b10e-bec6950d210f", "indicator--57bea9f6-500c-496a-b605-bec6950d210f", "indicator--57bea9f6-e054-4a1f-b707-bec6950d210f", "indicator--57bea9f6-9ef0-49f0-9f44-bec6950d210f", "indicator--57bea9f6-9ed8-44c3-b894-bec6950d210f", "indicator--57bea9f7-ce5c-49d9-9367-bec6950d210f", "indicator--57bea9f7-5cdc-4c34-8cf2-bec6950d210f", "indicator--57bea9f7-c290-413e-a02b-bec6950d210f", "indicator--57bea9f7-fee8-4f67-a177-bec6950d210f", "indicator--57bea9f7-66d4-420f-8cb6-bec6950d210f", "indicator--57bea9f8-89b8-4236-ba2d-bec6950d210f", "indicator--57bea9f8-fdb8-438d-8039-bec6950d210f", "indicator--57bea9f8-7b50-4987-9e1e-bec6950d210f", "indicator--57bea9f8-a4b4-4b0a-ad4c-bec6950d210f", "indicator--57bea9f8-a650-456b-86d1-bec6950d210f", "indicator--57bea9f9-aee8-42b1-ad1f-bec6950d210f", "indicator--57bea9f9-b9e8-458e-ae3a-bec6950d210f", "indicator--57bea9f9-5d9c-45f3-b0ce-bec6950d210f", "indicator--57bea9f9-0008-43df-80aa-bec6950d210f", "indicator--57bea9f9-82fc-420d-8e13-bec6950d210f", "indicator--57bea9fa-27c4-4c03-8639-bec6950d210f", "indicator--57bea9fa-5e14-48e9-97a9-bec6950d210f", "observed-data--57beaa56-956c-4af5-9f8f-bec9950d210f", "email-message--57beaa56-956c-4af5-9f8f-bec9950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9dd-3d0c-43b7-a1d6-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:37.000Z", "modified": "2016-08-25T08:18:37.000Z", "description": "download location", "pattern": "[url:value = 'http://161.184.245.22/~bignanc/lmlox']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9de-b478-4502-aa8b-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:38.000Z", "modified": "2016-08-25T08:18:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '161.184.245.22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9de-311c-47db-a9eb-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:38.000Z", "modified": "2016-08-25T08:18:38.000Z", "description": "download location", "pattern": "[url:value = 'http://slivki.tritiumnet.org/ionki']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9de-21f0-4e6e-b478-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:38.000Z", "modified": "2016-08-25T08:18:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'slivki.tritiumnet.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9de-4268-4f36-aa09-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:38.000Z", "modified": "2016-08-25T08:18:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.230.109.4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9df-ff90-4c43-a249-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:39.000Z", "modified": "2016-08-25T08:18:39.000Z", "description": "download location", "pattern": "[url:value = 'http://bck.srtec.net/i0mw0s']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9df-b808-42b4-aae6-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:39.000Z", "modified": "2016-08-25T08:18:39.000Z", "description": "download location", "pattern": "[domain-name:value = 'bck.srtec.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9df-1038-4d72-b23d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:39.000Z", "modified": "2016-08-25T08:18:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.46.73.162']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9df-a784-4e06-be7b-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:39.000Z", "modified": "2016-08-25T08:18:39.000Z", "description": "download location", "pattern": "[url:value = 'http://250ooo.web.fc2.com/jor7you4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9df-ce40-4a97-ba6a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:39.000Z", "modified": "2016-08-25T08:18:39.000Z", "description": "download location", "pattern": "[domain-name:value = '250ooo.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e0-1b38-4e59-bd51-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:40.000Z", "modified": "2016-08-25T08:18:40.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.37']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e0-ec70-4bc9-af84-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:40.000Z", "modified": "2016-08-25T08:18:40.000Z", "description": "download location", "pattern": "[url:value = 'http://foodbiz-net.com/wf7x3lc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e0-7b0c-4281-b89d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:40.000Z", "modified": "2016-08-25T08:18:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'foodbiz-net.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e0-1b20-44a7-b968-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:40.000Z", "modified": "2016-08-25T08:18:40.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.13.196.136']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e1-ad90-4ea3-a3a3-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:41.000Z", "modified": "2016-08-25T08:18:41.000Z", "description": "download location", "pattern": "[url:value = 'http://sopranolady7.wang/31t8j59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e1-6160-422e-92e4-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:24:32.000Z", "modified": "2016-08-25T08:24:32.000Z", "description": "download location", "pattern": "[url:value = 'sopranolady7.wang']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:24:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e1-2bb4-4cab-9122-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:41.000Z", "modified": "2016-08-25T08:18:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.229.74.92']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e1-2a98-4ac1-bf32-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:41.000Z", "modified": "2016-08-25T08:18:41.000Z", "description": "download location", "pattern": "[url:value = 'http://79.96.61.206/atow9crh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e2-7670-4be3-8a62-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:41.000Z", "modified": "2016-08-25T08:18:41.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.96.61.206']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e2-9510-44d3-9304-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:42.000Z", "modified": "2016-08-25T08:18:42.000Z", "description": "download location", "pattern": "[url:value = 'http://psrsa.freehost.pl/b8mo5st']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e2-d6a4-470c-8edd-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:42.000Z", "modified": "2016-08-25T08:18:42.000Z", "description": "download location", "pattern": "[domain-name:value = 'psrsa.freehost.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e2-f9d8-49d0-acaf-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:42.000Z", "modified": "2016-08-25T08:18:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.114.0.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e2-da84-45b2-b425-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:42.000Z", "modified": "2016-08-25T08:18:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.cmt.ro/cjpqr4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e3-d024-4660-9437-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:43.000Z", "modified": "2016-08-25T08:18:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.cmt.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e3-9058-4251-9f38-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:43.000Z", "modified": "2016-08-25T08:18:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.136.8.9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e3-9d80-4ef5-a34d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:43.000Z", "modified": "2016-08-25T08:18:43.000Z", "description": "download location", "pattern": "[url:value = 'http://www.iperlatino.it/e6tbmma0']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e3-308c-4a6b-81e1-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:43.000Z", "modified": "2016-08-25T08:18:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.iperlatino.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e4-e6fc-42dc-ab1c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:44.000Z", "modified": "2016-08-25T08:18:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e4-bc30-4cba-806f-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:44.000Z", "modified": "2016-08-25T08:18:44.000Z", "description": "download location", "pattern": "[url:value = 'http://ventkanal.ru/kwdl38g']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e4-022c-496f-848d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:44.000Z", "modified": "2016-08-25T08:18:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'ventkanal.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e4-770c-4486-b2b3-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:44.000Z", "modified": "2016-08-25T08:18:44.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '90.156.201.118']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e4-e438-4f0f-8e15-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:44.000Z", "modified": "2016-08-25T08:18:44.000Z", "description": "download location", "pattern": "[url:value = 'http://rejoincomp2.in/143igszv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e5-2668-4546-960e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:45.000Z", "modified": "2016-08-25T08:18:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'rejoincomp2.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e5-8ed4-480f-b98a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:45.000Z", "modified": "2016-08-25T08:18:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.223.89.200']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e5-b0f4-45a5-9076-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:45.000Z", "modified": "2016-08-25T08:18:45.000Z", "description": "download location", "pattern": "[url:value = 'http://travoxsb.com/z5rweh']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e5-c7e4-4d88-ab09-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:45.000Z", "modified": "2016-08-25T08:18:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'travoxsb.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e6-bf54-4583-a872-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:46.000Z", "modified": "2016-08-25T08:18:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.4.45.235']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e6-3088-46fc-96e2-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:46.000Z", "modified": "2016-08-25T08:18:46.000Z", "description": "download location", "pattern": "[url:value = 'http://video9211.getenjoyment.net/31t8j59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e6-3868-4f8b-a18e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:46.000Z", "modified": "2016-08-25T08:18:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'video9211.getenjoyment.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e6-6770-4820-8ed2-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:46.000Z", "modified": "2016-08-25T08:18:46.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.125.22.186']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e7-adbc-4c2d-abb7-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:47.000Z", "modified": "2016-08-25T08:18:47.000Z", "description": "download location", "pattern": "[url:value = 'http://cbactive.com/ygpd7aom']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e7-4470-449e-aea0-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:47.000Z", "modified": "2016-08-25T08:18:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'cbactive.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e7-ac3c-41ad-b0bb-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:47.000Z", "modified": "2016-08-25T08:18:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.171.33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e7-eacc-42b3-940d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:47.000Z", "modified": "2016-08-25T08:18:47.000Z", "description": "download location", "pattern": "[url:value = 'http://brothermalw.ws/06qbbzy7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e7-1d40-4f66-868c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:47.000Z", "modified": "2016-08-25T08:18:47.000Z", "description": "download location", "pattern": "[domain-name:value = 'brothermalw.ws']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e8-98ac-4b91-b096-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:48.000Z", "modified": "2016-08-25T08:18:48.000Z", "description": "download location", "pattern": "[url:value = 'http://wangmewang.name/467pbl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e8-9898-41d1-b991-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:48.000Z", "modified": "2016-08-25T08:18:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'wangmewang.name']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e8-7a40-4563-a21c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:48.000Z", "modified": "2016-08-25T08:18:48.000Z", "description": "download location", "pattern": "[url:value = 'http://baysigorta.com/143igszv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e8-b094-47f6-9a01-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:48.000Z", "modified": "2016-08-25T08:18:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'baysigorta.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e8-4670-4b73-938d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:48.000Z", "modified": "2016-08-25T08:18:48.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.8.0.22']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e9-2860-440f-99a8-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:49.000Z", "modified": "2016-08-25T08:18:49.000Z", "description": "download location", "pattern": "[url:value = 'http://www.nadelaur.com/ww4pgc9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e9-fbc8-4411-bc27-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:49.000Z", "modified": "2016-08-25T08:18:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.nadelaur.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e9-8350-46b6-ae2c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:49.000Z", "modified": "2016-08-25T08:18:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.130.132.84']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e9-12e8-4ad3-a6e9-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:49.000Z", "modified": "2016-08-25T08:18:49.000Z", "description": "download location", "pattern": "[url:value = 'http://www.sixpack.bnet.at/n93y3t']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9e9-eddc-4ffd-8111-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:49.000Z", "modified": "2016-08-25T08:18:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.sixpack.bnet.at']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ea-875c-4594-9a59-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:50.000Z", "modified": "2016-08-25T08:18:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.230.160.53']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ea-8940-41be-91e1-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:50.000Z", "modified": "2016-08-25T08:18:50.000Z", "description": "download location", "pattern": "[url:value = 'http://www.arrotin.net/pbkpgfi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ea-5a34-4e0e-abe2-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:50.000Z", "modified": "2016-08-25T08:18:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.arrotin.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ea-e1d4-481e-a43f-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:50.000Z", "modified": "2016-08-25T08:18:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.238.0.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-f448-45f9-8c7f-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[url:value = 'http://immo.3x.ro/oirjm2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-2704-4998-91dd-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'immo.3x.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-9890-4519-b1c5-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.42.39.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-d8ec-4dcf-97d5-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[url:value = 'http://ietern.se/97sz4o1x']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-cfdc-424d-804a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'ietern.se']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9eb-c12c-4027-ae1a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:51.000Z", "modified": "2016-08-25T08:18:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.74.38.94']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ec-cb00-405b-b908-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[url:value = 'http://ilkhaberadana.com/sfh867cw']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ec-7b90-4db5-90ba-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'ilkhaberadana.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ec-43dc-4b25-b853-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.253.46.194']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ec-a328-4f47-947c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[url:value = 'http://www.bbfreeholidays.com/10h7l4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ec-d4a0-42d1-a021-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.bbfreeholidays.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ed-796c-40fe-9407-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:52.000Z", "modified": "2016-08-25T08:18:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.149.142.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ed-a1cc-44ad-922a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:53.000Z", "modified": "2016-08-25T08:18:53.000Z", "description": "download location", "pattern": "[url:value = 'http://www.jansen-consultancy-machines.be/q3e2x9n']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ed-1af4-40d9-9ea1-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:53.000Z", "modified": "2016-08-25T08:18:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.jansen-consultancy-machines.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ed-eec8-47d9-878b-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:53.000Z", "modified": "2016-08-25T08:18:53.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fascicolodifabbricato.org/hmnwqer']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ed-ce6c-46cd-be92-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:53.000Z", "modified": "2016-08-25T08:18:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.fascicolodifabbricato.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-45a8-4a4b-8c85-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fulvio77.it/uwg8a5bv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-f4f0-4fef-87db-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.fulvio77.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-6c3c-4b6a-8596-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[url:value = 'http://guidemobi.onphp.net/467pbl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-f308-4454-a294-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'guidemobi.onphp.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-cf54-42e5-8297-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[url:value = 'http://pvdbosch.dommel.be/wyq75a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ee-214c-424e-a0e2-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:54.000Z", "modified": "2016-08-25T08:18:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'pvdbosch.dommel.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ef-18e4-4736-aa17-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:55.000Z", "modified": "2016-08-25T08:18:55.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.109.184.81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ef-3de8-419b-bac6-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:55.000Z", "modified": "2016-08-25T08:18:55.000Z", "description": "download location", "pattern": "[url:value = 'http://210.158.149.146/~kokoro-1/nat25g3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ef-2eec-4f5d-939e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:55.000Z", "modified": "2016-08-25T08:18:55.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.158.149.146']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ef-4eb8-46c7-9019-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:55.000Z", "modified": "2016-08-25T08:18:55.000Z", "description": "download location", "pattern": "[url:value = 'http://www.richtenberg.be/g6rxssr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9ef-7514-4367-8270-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:55.000Z", "modified": "2016-08-25T08:18:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.richtenberg.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f0-2924-4dcc-bad1-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:56.000Z", "modified": "2016-08-25T08:18:56.000Z", "description": "download location", "pattern": "[url:value = 'http://oabbahs.web.fc2.com/vr22my']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f0-f350-4cbc-ae3e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:56.000Z", "modified": "2016-08-25T08:18:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'oabbahs.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f0-6664-4fc9-af04-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:56.000Z", "modified": "2016-08-25T08:18:56.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.39']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f0-a12c-4fe2-8356-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:56.000Z", "modified": "2016-08-25T08:18:56.000Z", "description": "download location", "pattern": "[url:value = 'http://www.plastimonza.com/l0edg2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f0-1488-4b46-b4d3-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:56.000Z", "modified": "2016-08-25T08:18:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.plastimonza.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f1-fda8-4c37-ba1c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:57.000Z", "modified": "2016-08-25T08:18:57.000Z", "description": "download location", "pattern": "[url:value = 'http://psrsa.freehost.pl/b427nvfa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f1-9494-4d87-bccf-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:57.000Z", "modified": "2016-08-25T08:18:57.000Z", "description": "download location", "pattern": "[url:value = 'http://210.240.104.2/upp0nqa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f1-a9b0-4542-acf4-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:57.000Z", "modified": "2016-08-25T08:18:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.240.104.2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f1-6860-41b7-94a8-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:57.000Z", "modified": "2016-08-25T08:18:57.000Z", "description": "download location", "pattern": "[url:value = 'http://otakaraidol.web.fc2.com/rpdgpovy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f1-7e74-430a-aead-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:57.000Z", "modified": "2016-08-25T08:18:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'otakaraidol.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f2-7920-4cb4-b06a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:58.000Z", "modified": "2016-08-25T08:18:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.48']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f2-6968-42db-88c6-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:58.000Z", "modified": "2016-08-25T08:18:58.000Z", "description": "download location", "pattern": "[url:value = 'http://brianzainformatica.it/f5t8a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f2-19e8-422b-811f-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:58.000Z", "modified": "2016-08-25T08:18:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'brianzainformatica.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f2-160c-4f56-bfaf-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:58.000Z", "modified": "2016-08-25T08:18:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.98.45.16']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f3-f648-4fd6-a9c3-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:59.000Z", "modified": "2016-08-25T08:18:59.000Z", "description": "download location", "pattern": "[url:value = 'http://selectron.ch/~se_robel/km51cbxx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f3-e16c-47c7-a79a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:59.000Z", "modified": "2016-08-25T08:18:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'selectron.ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f3-8480-44d5-8055-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:59.000Z", "modified": "2016-08-25T08:18:59.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.110.146.99']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f3-6670-4780-9fac-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:59.000Z", "modified": "2016-08-25T08:18:59.000Z", "description": "download location", "pattern": "[url:value = 'http://www.elba-scaglieri.com/j1b3whi5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f3-9c70-4653-9525-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:18:59.000Z", "modified": "2016-08-25T08:18:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.elba-scaglieri.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:18:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f4-0418-49cb-a503-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:00.000Z", "modified": "2016-08-25T08:19:00.000Z", "description": "download location", "pattern": "[url:value = 'http://cap114.fr/lb0vm08q']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f4-63fc-4147-b0b0-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:00.000Z", "modified": "2016-08-25T08:19:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'cap114.fr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f4-9050-4dea-af58-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:00.000Z", "modified": "2016-08-25T08:19:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.186.33.24']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f4-ae4c-4239-85ae-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:00.000Z", "modified": "2016-08-25T08:19:00.000Z", "description": "download location", "pattern": "[url:value = 'http://www.mbeccarini.com/xkzd7c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f4-c768-48cc-bb10-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:00.000Z", "modified": "2016-08-25T08:19:00.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.mbeccarini.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f5-8e30-4511-bf87-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:01.000Z", "modified": "2016-08-25T08:19:01.000Z", "description": "download location", "pattern": "[url:value = 'http://buntaro.web.fc2.com/yj3fiqr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f5-18dc-454c-be73-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:01.000Z", "modified": "2016-08-25T08:19:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'buntaro.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f5-8bac-48ca-8877-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:01.000Z", "modified": "2016-08-25T08:19:01.000Z", "description": "download location", "pattern": "[url:value = 'http://tuduku0238.web.fc2.com/rk0r8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f5-894c-4e8b-9638-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:01.000Z", "modified": "2016-08-25T08:19:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'tuduku0238.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f5-35f4-413b-a10a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:01.000Z", "modified": "2016-08-25T08:19:01.000Z", "description": "download location", "pattern": "[url:value = 'http://www.yorkimmobiliare.it/k0itno']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f6-5010-432e-b10e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:02.000Z", "modified": "2016-08-25T08:19:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.yorkimmobiliare.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f6-500c-496a-b605-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:02.000Z", "modified": "2016-08-25T08:19:02.000Z", "description": "download location", "pattern": "[url:value = 'http://amazingbootys.com/abf9c9sp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f6-e054-4a1f-b707-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:02.000Z", "modified": "2016-08-25T08:19:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'amazingbootys.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f6-9ef0-49f0-9f44-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:02.000Z", "modified": "2016-08-25T08:19:02.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '174.138.170.171']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f6-9ed8-44c3-b894-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:02.000Z", "modified": "2016-08-25T08:19:02.000Z", "description": "download location", "pattern": "[url:value = 'http://www.tangoshow.it/pza6j']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f7-ce5c-49d9-9367-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:03.000Z", "modified": "2016-08-25T08:19:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.tangoshow.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f7-5cdc-4c34-8cf2-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:03.000Z", "modified": "2016-08-25T08:19:03.000Z", "description": "download location", "pattern": "[url:value = 'http://miyadu.web.fc2.com/q62d4vj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f7-c290-413e-a02b-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:03.000Z", "modified": "2016-08-25T08:19:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'miyadu.web.fc2.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f7-fee8-4f67-a177-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:03.000Z", "modified": "2016-08-25T08:19:03.000Z", "description": "download location", "pattern": "[url:value = 'http://provincialpw.com/wme3d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f7-66d4-420f-8cb6-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:03.000Z", "modified": "2016-08-25T08:19:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'provincialpw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f8-89b8-4236-ba2d-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:04.000Z", "modified": "2016-08-25T08:19:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.54.35']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f8-fdb8-438d-8039-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:04.000Z", "modified": "2016-08-25T08:19:04.000Z", "description": "download location", "pattern": "[url:value = 'http://www.sashraf.plus.com/qiu0dfyb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f8-7b50-4987-9e1e-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:04.000Z", "modified": "2016-08-25T08:19:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.sashraf.plus.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f8-a4b4-4b0a-ad4c-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:04.000Z", "modified": "2016-08-25T08:19:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.159.9.91']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f8-a650-456b-86d1-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:04.000Z", "modified": "2016-08-25T08:19:04.000Z", "description": "download location", "pattern": "[url:value = 'http://thecourtyardcolfaxcom.sites.qwestoffice.net/wwh3ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f9-aee8-42b1-ad1f-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:05.000Z", "modified": "2016-08-25T08:19:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'thecourtyardcolfaxcom.sites.qwestoffice.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f9-b9e8-458e-ae3a-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:05.000Z", "modified": "2016-08-25T08:19:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.36.236.244']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f9-5d9c-45f3-b0ce-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:05.000Z", "modified": "2016-08-25T08:19:05.000Z", "description": "download location", "pattern": "[url:value = 'http://web2.v45.ncsrv.de/kjoim']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f9-0008-43df-80aa-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:05.000Z", "modified": "2016-08-25T08:19:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'web2.v45.ncsrv.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9f9-82fc-420d-8e13-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:05.000Z", "modified": "2016-08-25T08:19:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.110.144.59']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9fa-27c4-4c03-8639-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:06.000Z", "modified": "2016-08-25T08:19:06.000Z", "description": "download location", "pattern": "[url:value = 'http://www.orad.it/xollrnal']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57bea9fa-5e14-48e9-97a9-bec6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:19:06.000Z", "modified": "2016-08-25T08:19:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.orad.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-25T08:19:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--57beaa56-956c-4af5-9f8f-bec9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-25T08:20:38.000Z", "modified": "2016-08-25T08:20:38.000Z", "first_observed": "2016-08-25T08:20:38Z", "last_observed": "2016-08-25T08:20:38Z", "number_observed": 1, "object_refs": [ "email-message--57beaa56-956c-4af5-9f8f-bec9950d210f" ], "labels": [ "misp:type=\"email-subject\"", "misp:category=\"Payload delivery\"" ] }, { "type": "email-message", "spec_version": "2.1", "id": "email-message--57beaa56-956c-4af5-9f8f-bec9950d210f", "is_multipart": false, "subject": "Contract" }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }