{ "type": "bundle", "id": "bundle--57c42744-662c-4f6e-bd21-7d2e950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:46.000Z", "modified": "2016-08-29T14:37:46.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--57c42744-662c-4f6e-bd21-7d2e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:46.000Z", "modified": "2016-08-29T14:37:46.000Z", "name": "Malspam 2016-08-29 (.wsf in .zip) - campaign: \"Please find attached invoice no\"", "published": "2016-08-29T14:46:28Z", "object_refs": [ "indicator--57c4279e-4610-4cd2-8c6d-46e2950d210f", "indicator--57c4279f-0b20-43ea-9e2f-4106950d210f", "indicator--57c4279f-23e8-49b3-b64c-4ed6950d210f", "indicator--57c4279f-187c-4f7f-b55d-4131950d210f", "indicator--57c4279f-2290-4ee7-a6f5-4835950d210f", "indicator--57c427a0-48d0-4caa-a28e-4b0d950d210f", "indicator--57c427a0-e320-4229-88c7-4d70950d210f", "indicator--57c427a0-7f7c-4406-9b72-49f7950d210f", "indicator--57c427a0-f0a4-489b-9fd1-46db950d210f", "indicator--57c427a0-2d10-4118-876a-4c54950d210f", "indicator--57c427a1-b558-4065-88cc-4534950d210f", "indicator--57c427a1-cf64-4d01-8146-4ad0950d210f", "indicator--57c427a1-9058-4b06-9c91-44d4950d210f", "indicator--57c427a1-f39c-4123-bff1-4b2a950d210f", "indicator--57c427a2-ec88-419f-b908-4215950d210f", "indicator--57c427a2-e508-4546-a423-4bf7950d210f", "indicator--57c427a2-17b8-4870-9092-4603950d210f", "indicator--57c427a2-d624-4ba4-a5ba-4697950d210f", "indicator--57c427a3-6bdc-49b6-bfb9-46f4950d210f", "indicator--57c427a3-c1dc-4db7-9df2-421e950d210f", "indicator--57c427a3-9e9c-47d8-86a4-4911950d210f", "indicator--57c427a3-5bfc-4025-aea8-44c6950d210f", "indicator--57c427a3-f170-4f85-ba3a-4d47950d210f", "indicator--57c427a4-838c-48e1-9e0c-4a49950d210f", "indicator--57c427a4-9524-4606-bfe5-488e950d210f", "indicator--57c427a4-9a38-4fb6-8d67-4b25950d210f", "indicator--57c427a4-7450-4c26-a969-4e08950d210f", "indicator--57c427a4-4c00-4e74-91f5-4fec950d210f", "indicator--57c427a5-16dc-4ac5-b200-4dcc950d210f", "indicator--57c427a5-28b4-4fca-b83b-4f15950d210f", "indicator--57c427a5-5898-43b7-a326-4674950d210f", "indicator--57c427a5-fc80-40f8-b14b-46e2950d210f", "indicator--57c427a6-acbc-4d5c-afb3-411e950d210f", "indicator--57c427a6-5ffc-4762-a23f-488e950d210f", "indicator--57c427a6-6c00-43a2-a60e-4d94950d210f", "indicator--57c427a6-40d8-471f-b9f6-4ad8950d210f", "indicator--57c427a6-5b5c-4cb9-a40d-479b950d210f", "indicator--57c427a7-87f4-4084-8f6b-4dd7950d210f", "indicator--57c427a7-5fdc-4288-b181-45a5950d210f", "indicator--57c427a7-a7cc-425e-82b9-4b57950d210f", "observed-data--57c4283d-96f0-4e00-a577-7a58950d210f", "email-message--57c4283d-96f0-4e00-a577-7a58950d210f", "indicator--57c448b2-9154-4569-a85b-7a54950d210f", "indicator--57c448b2-a848-4efd-a7df-7a54950d210f", "indicator--57c448b2-7e1c-4d66-b7ab-7a54950d210f", "indicator--57c448b2-d3cc-4110-a171-7a54950d210f", "indicator--57c448b2-f404-4c55-a026-7a54950d210f", "indicator--57c448b3-181c-4107-91ab-7a54950d210f", "indicator--57c448b3-edfc-4ff8-b00a-7a54950d210f", "indicator--57c448b3-8ae8-4719-9e78-7a54950d210f", "indicator--57c448b3-0d74-46ea-b0ff-7a54950d210f", "indicator--57c448b3-0da8-451b-84d2-7a54950d210f", "indicator--57c448b4-c5bc-4e34-ada4-7a54950d210f", "indicator--57c448b4-02f4-40d5-b57a-7a54950d210f", "indicator--57c448b4-97c4-4f65-9040-7a54950d210f", "indicator--57c448b4-ac6c-41af-88eb-7a54950d210f", "indicator--57c448b5-dc44-4f4c-9f96-7a54950d210f", "indicator--57c448b5-1c80-49fb-8b80-7a54950d210f", "indicator--57c448b5-98ac-47aa-a224-7a54950d210f", "indicator--57c448b5-2024-4b77-8754-7a54950d210f", "indicator--57c448b6-72d8-480f-8832-7a54950d210f", "indicator--57c448b6-4e44-4ee8-91b0-7a54950d210f", "indicator--57c448b6-0c9c-4e72-ae3b-7a54950d210f", "indicator--57c448b6-0210-425a-920d-7a54950d210f", "indicator--57c448b6-1668-4673-8c08-7a54950d210f", "indicator--57c448b7-55c4-494e-bf7e-7a54950d210f", "indicator--57c448b7-e0c0-4e37-9022-7a54950d210f", "indicator--57c448b7-e928-4771-b7d9-7a54950d210f", "indicator--57c448b7-f9d8-4db8-8bcf-7a54950d210f", "indicator--57c448b8-18e0-44c4-b7f2-7a54950d210f", "indicator--57c448b8-8f24-4887-ad9d-7a54950d210f", "indicator--57c448b8-514c-484d-bf81-7a54950d210f", "indicator--57c448b8-cb84-4cb9-a909-7a54950d210f", "indicator--57c448b9-3b58-44a9-8746-7a54950d210f", "indicator--57c448b9-7f7c-4f76-9335-7a54950d210f", "indicator--57c448b9-faf8-41e3-aa93-7a54950d210f", "indicator--57c448b9-3e80-4f21-9e53-7a54950d210f", "indicator--57c448b9-ebdc-4902-8659-7a54950d210f", "indicator--57c448ba-c980-48e1-8586-7a54950d210f", "indicator--57c448ba-c04c-48b8-ad39-7a54950d210f", "indicator--57c448ba-63b8-4f9d-ab76-7a54950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c4279e-4610-4cd2-8c6d-46e2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:30.000Z", "modified": "2016-08-29T12:16:30.000Z", "description": "download location", "pattern": "[url:value = 'http://www.dialektika.extra.hu/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c4279f-0b20-43ea-9e2f-4106950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:31.000Z", "modified": "2016-08-29T12:16:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.dialektika.extra.hu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c4279f-23e8-49b3-b64c-4ed6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:31.000Z", "modified": "2016-08-29T12:16:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.33.52.18']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c4279f-187c-4f7f-b55d-4131950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:31.000Z", "modified": "2016-08-29T12:16:31.000Z", "description": "download location", "pattern": "[url:value = 'http://sektori.pp.fi/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c4279f-2290-4ee7-a6f5-4835950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:31.000Z", "modified": "2016-08-29T12:16:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'sektori.pp.fi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a0-48d0-4caa-a28e-4b0d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:32.000Z", "modified": "2016-08-29T12:16:32.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.170.137.244']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a0-e320-4229-88c7-4d70950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:32.000Z", "modified": "2016-08-29T12:16:32.000Z", "description": "download location", "pattern": "[url:value = 'http://www.webcam-bild.de/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a0-7f7c-4406-9b72-49f7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:32.000Z", "modified": "2016-08-29T12:16:32.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.webcam-bild.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a0-f0a4-489b-9fd1-46db950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:32.000Z", "modified": "2016-08-29T12:16:32.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.237.132.10']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a0-2d10-4118-876a-4c54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:32.000Z", "modified": "2016-08-29T12:16:32.000Z", "description": "download location", "pattern": "[url:value = 'http://www.saumi.jazztel.es/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a1-b558-4065-88cc-4534950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:33.000Z", "modified": "2016-08-29T12:16:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.saumi.jazztel.es']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a1-cf64-4d01-8146-4ad0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:33.000Z", "modified": "2016-08-29T12:16:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.14.3.195']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a1-9058-4b06-9c91-44d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:33.000Z", "modified": "2016-08-29T12:16:33.000Z", "description": "download location", "pattern": "[url:value = 'http://www.agenziadini.it/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a1-f39c-4123-bff1-4b2a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:33.000Z", "modified": "2016-08-29T12:16:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.agenziadini.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a2-ec88-419f-b908-4215950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:34.000Z", "modified": "2016-08-29T12:16:34.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a2-e508-4546-a423-4bf7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:34.000Z", "modified": "2016-08-29T12:16:34.000Z", "description": "download location", "pattern": "[url:value = 'http://club.konjiki.jp/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a2-17b8-4870-9092-4603950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:34.000Z", "modified": "2016-08-29T12:16:34.000Z", "description": "download location", "pattern": "[domain-name:value = 'club.konjiki.jp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a2-d624-4ba4-a5ba-4697950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:34.000Z", "modified": "2016-08-29T12:16:34.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a3-6bdc-49b6-bfb9-46f4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:35.000Z", "modified": "2016-08-29T12:16:35.000Z", "description": "download location", "pattern": "[url:value = 'http://ach-dziennik.cba.pl/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a3-c1dc-4db7-9df2-421e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:35.000Z", "modified": "2016-08-29T12:16:35.000Z", "description": "download location", "pattern": "[domain-name:value = 'ach-dziennik.cba.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a3-9e9c-47d8-86a4-4911950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:35.000Z", "modified": "2016-08-29T12:16:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.144.65']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a3-5bfc-4025-aea8-44c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:35.000Z", "modified": "2016-08-29T12:16:35.000Z", "description": "download location", "pattern": "[url:value = 'http://bypetra.de/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a3-f170-4f85-ba3a-4d47950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:35.000Z", "modified": "2016-08-29T12:16:35.000Z", "description": "download location", "pattern": "[domain-name:value = 'bypetra.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a4-838c-48e1-9e0c-4a49950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:36.000Z", "modified": "2016-08-29T12:16:36.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.40.179.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a4-9524-4606-bfe5-488e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:36.000Z", "modified": "2016-08-29T12:16:36.000Z", "description": "download location", "pattern": "[url:value = 'http://www.bluedizioni.com/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a4-9a38-4fb6-8d67-4b25950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:36.000Z", "modified": "2016-08-29T12:16:36.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.bluedizioni.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a4-7450-4c26-a969-4e08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:36.000Z", "modified": "2016-08-29T12:16:36.000Z", "description": "download location", "pattern": "[url:value = 'http://www.culturalheritagemanagement.org/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a4-4c00-4e74-91f5-4fec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:36.000Z", "modified": "2016-08-29T12:16:36.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.culturalheritagemanagement.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a5-16dc-4ac5-b200-4dcc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:37.000Z", "modified": "2016-08-29T12:16:37.000Z", "description": "download location", "pattern": "[url:value = 'http://jamesm.co.uk/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a5-28b4-4fca-b83b-4f15950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:37.000Z", "modified": "2016-08-29T12:16:37.000Z", "description": "download location", "pattern": "[domain-name:value = 'jamesm.co.uk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a5-5898-43b7-a326-4674950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:37.000Z", "modified": "2016-08-29T12:16:37.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.223.104.160']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a5-fc80-40f8-b14b-46e2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:37.000Z", "modified": "2016-08-29T12:16:37.000Z", "description": "download location", "pattern": "[url:value = 'http://conserpa.vtrbandaancha.net/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a6-acbc-4d5c-afb3-411e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:38.000Z", "modified": "2016-08-29T12:16:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'conserpa.vtrbandaancha.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a6-5ffc-4762-a23f-488e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:38.000Z", "modified": "2016-08-29T12:16:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.83.4.62']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a6-6c00-43a2-a60e-4d94950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:38.000Z", "modified": "2016-08-29T12:16:38.000Z", "description": "download location", "pattern": "[url:value = 'http://job.atspace.org/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a6-40d8-471f-b9f6-4ad8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:38.000Z", "modified": "2016-08-29T12:16:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'job.atspace.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a6-5b5c-4cb9-a40d-479b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:38.000Z", "modified": "2016-08-29T12:16:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.197.131.109']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a7-87f4-4084-8f6b-4dd7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:39.000Z", "modified": "2016-08-29T12:16:39.000Z", "description": "download location", "pattern": "[url:value = 'http://www.planet-intv.com/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a7-5fdc-4288-b181-45a5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:39.000Z", "modified": "2016-08-29T12:16:39.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.planet-intv.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c427a7-a7cc-425e-82b9-4b57950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:16:39.000Z", "modified": "2016-08-29T12:16:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.114.43.19']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T12:16:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--57c4283d-96f0-4e00-a577-7a58950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T12:19:09.000Z", "modified": "2016-08-29T12:19:09.000Z", "first_observed": "2016-08-29T12:19:09Z", "last_observed": "2016-08-29T12:19:09Z", "number_observed": 1, "object_refs": [ "email-message--57c4283d-96f0-4e00-a577-7a58950d210f" ], "labels": [ "misp:type=\"email-subject\"", "misp:category=\"Payload delivery\"" ] }, { "type": "email-message", "spec_version": "2.1", "id": "email-message--57c4283d-96f0-4e00-a577-7a58950d210f", "is_multipart": false, "subject": "Please find attached invoice no" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b2-9154-4569-a85b-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:38.000Z", "modified": "2016-08-29T14:37:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.1.159.165']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b2-a848-4efd-a7df-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:38.000Z", "modified": "2016-08-29T14:37:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.104']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b2-7e1c-4d66-b7ab-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:38.000Z", "modified": "2016-08-29T14:37:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.144.125.70']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b2-d3cc-4110-a171-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:38.000Z", "modified": "2016-08-29T14:37:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.130.132.84']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b2-f404-4c55-a026-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:38.000Z", "modified": "2016-08-29T14:37:38.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.78.215.76']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b3-181c-4107-91ab-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:39.000Z", "modified": "2016-08-29T14:37:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.224.175.186']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b3-edfc-4ff8-b00a-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:39.000Z", "modified": "2016-08-29T14:37:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.180.150.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b3-8ae8-4719-9e78-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:39.000Z", "modified": "2016-08-29T14:37:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.87.186.101']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b3-0d74-46ea-b0ff-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:39.000Z", "modified": "2016-08-29T14:37:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.22.207.207']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b3-0da8-451b-84d2-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:39.000Z", "modified": "2016-08-29T14:37:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.223']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b4-c5bc-4e34-ada4-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:40.000Z", "modified": "2016-08-29T14:37:40.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.196.20.134']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b4-02f4-40d5-b57a-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:40.000Z", "modified": "2016-08-29T14:37:40.000Z", "description": "download location", "pattern": "[url:value = 'http://iesjaumei.edu.gva.es/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b4-97c4-4f65-9040-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:40.000Z", "modified": "2016-08-29T14:37:40.000Z", "description": "download location", "pattern": "[url:value = 'http://immobilien1000.de/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b4-ac6c-41af-88eb-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:40.000Z", "modified": "2016-08-29T14:37:40.000Z", "description": "download location", "pattern": "[url:value = 'http://lokum1985.republika.pl/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b5-dc44-4f4c-9f96-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:41.000Z", "modified": "2016-08-29T14:37:41.000Z", "description": "download location", "pattern": "[url:value = 'http://spaceinn.co.jp/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b5-1c80-49fb-8b80-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:41.000Z", "modified": "2016-08-29T14:37:41.000Z", "description": "download location", "pattern": "[url:value = 'http://vicariassicurazioni.it/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b5-98ac-47aa-a224-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:41.000Z", "modified": "2016-08-29T14:37:41.000Z", "description": "download location", "pattern": "[url:value = 'http://www.agriturismoigirasoli.it/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b5-2024-4b77-8754-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:41.000Z", "modified": "2016-08-29T14:37:41.000Z", "description": "download location", "pattern": "[url:value = 'http://www.dondana.com/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b6-72d8-480f-8832-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:42.000Z", "modified": "2016-08-29T14:37:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.epikal.go.ro/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b6-4e44-4ee8-91b0-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:42.000Z", "modified": "2016-08-29T14:37:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.fenit.net/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b6-0c9c-4e72-ae3b-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:42.000Z", "modified": "2016-08-29T14:37:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.jan-wallner.de/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b6-0210-425a-920d-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:42.000Z", "modified": "2016-08-29T14:37:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.kurtoskalacs.go.ro/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b6-1668-4673-8c08-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:42.000Z", "modified": "2016-08-29T14:37:42.000Z", "description": "download location", "pattern": "[url:value = 'http://www.lagottoromagnolo.be/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b7-55c4-494e-bf7e-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:43.000Z", "modified": "2016-08-29T14:37:43.000Z", "description": "download location", "pattern": "[url:value = 'http://www.qualityacoustic.comcastbiz.net/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b7-e0c0-4e37-9022-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:43.000Z", "modified": "2016-08-29T14:37:43.000Z", "description": "download location", "pattern": "[url:value = 'http://xelagon.50webs.org/78yhuinFYs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b7-e928-4771-b7d9-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:43.000Z", "modified": "2016-08-29T14:37:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'iesjaumei.edu.gva.es']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b7-f9d8-4db8-8bcf-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:43.000Z", "modified": "2016-08-29T14:37:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'immobilien1000.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b8-18e0-44c4-b7f2-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:44.000Z", "modified": "2016-08-29T14:37:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'lokum1985.republika.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b8-8f24-4887-ad9d-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:44.000Z", "modified": "2016-08-29T14:37:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'spaceinn.co.jp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b8-514c-484d-bf81-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:44.000Z", "modified": "2016-08-29T14:37:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'vicariassicurazioni.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b8-cb84-4cb9-a909-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:44.000Z", "modified": "2016-08-29T14:37:44.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.agriturismoigirasoli.it']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b9-3b58-44a9-8746-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:45.000Z", "modified": "2016-08-29T14:37:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.dondana.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b9-7f7c-4f76-9335-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:45.000Z", "modified": "2016-08-29T14:37:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.epikal.go.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b9-faf8-41e3-aa93-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:45.000Z", "modified": "2016-08-29T14:37:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.fenit.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b9-3e80-4f21-9e53-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:45.000Z", "modified": "2016-08-29T14:37:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.jan-wallner.de']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448b9-ebdc-4902-8659-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:45.000Z", "modified": "2016-08-29T14:37:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.kurtoskalacs.go.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448ba-c980-48e1-8586-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:46.000Z", "modified": "2016-08-29T14:37:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.lagottoromagnolo.be']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448ba-c04c-48b8-ad39-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:46.000Z", "modified": "2016-08-29T14:37:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.qualityacoustic.comcastbiz.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--57c448ba-63b8-4f9d-ab76-7a54950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-08-29T14:37:46.000Z", "modified": "2016-08-29T14:37:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'xelagon.50webs.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-08-29T14:37:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }