{ "type": "bundle", "id": "bundle--585251ea-ab8c-40bc-86e0-436b950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:14.000Z", "modified": "2016-12-15T08:27:14.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--585251ea-ab8c-40bc-86e0-436b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:14.000Z", "modified": "2016-12-15T08:27:14.000Z", "name": "Malspam 2016-12-15 (.js in .zip) - campaign: \"Amount Payable\"", "published": "2016-12-15T08:28:51Z", "object_refs": [ "indicator--5852538c-4630-422c-8225-47d5950d210f", "indicator--5852538d-f14c-44c3-951f-4e05950d210f", "indicator--5852538e-1cb4-46b6-acac-4a57950d210f", "indicator--5852538e-dcfc-4c99-8c7c-40d8950d210f", "indicator--5852538f-1d28-4fd9-aa53-4868950d210f", "indicator--5852538f-5d70-4419-8fab-4d97950d210f", "indicator--58525390-3310-42eb-8e4c-4603950d210f", "indicator--58525390-99b4-4013-8c07-40d4950d210f", "indicator--58525391-4844-4372-9ae8-4475950d210f", "indicator--58525391-9888-4154-b5b1-44cf950d210f", "indicator--58525392-797c-4ddf-9444-47df950d210f", "indicator--58525392-085c-44e9-b971-4533950d210f", "indicator--58525393-5220-49a0-baa8-4437950d210f", "indicator--58525393-8a60-40cd-9d1d-4728950d210f", "indicator--58525394-c6bc-4c2c-98e7-4a4c950d210f", "indicator--58525395-97b8-4690-a799-4fc8950d210f", "indicator--58525395-aa5c-4e55-8318-4630950d210f", "indicator--58525396-9f44-46fb-a040-4d0e950d210f", "indicator--58525396-3768-49cc-b584-4f7f950d210f", "indicator--58525397-2420-4df0-8316-49c7950d210f", "indicator--58525398-5d78-49ef-a9e0-457b950d210f", "indicator--58525398-a6d4-4743-b432-45fa950d210f", "indicator--58525399-6f08-489e-a197-402b950d210f", "indicator--58525399-6f40-4c2b-af2e-4c59950d210f", "indicator--5852539a-d69c-46dd-8413-4a2c950d210f", "indicator--5852539a-c0bc-4bd7-8eda-4770950d210f", "indicator--5852539b-44a0-4098-8682-48bf950d210f", "indicator--5852539b-5e5c-40d2-a73b-444c950d210f", "indicator--5852539c-ad50-4ea9-abb2-49c6950d210f", "indicator--5852539c-d200-4baf-ad55-4952950d210f", "indicator--5852539d-8320-4c85-a712-4d4f950d210f", "indicator--5852539d-d1f4-4dd4-91ed-4bc8950d210f", "indicator--5852539d-1b7c-4361-aaec-4f71950d210f", "indicator--5852539e-d3ec-4a7e-8a72-45e3950d210f", "indicator--5852539e-4358-4a19-a3ee-4222950d210f", "indicator--5852539f-5830-4a96-85c8-4fdb950d210f", "indicator--5852539f-d568-40c8-a185-405f950d210f", "indicator--585253a0-7fc8-4aa3-bc82-449e950d210f", "indicator--585253a0-b66c-475d-8489-4c43950d210f", "indicator--585253a1-2604-4788-bada-4f11950d210f", "indicator--585253a1-4fb0-4708-b8b4-4f15950d210f", "indicator--585253a2-5704-44d6-8b91-4a9c950d210f", "indicator--585253a2-a1d4-4672-8433-4dcd950d210f", "indicator--585253a3-9124-4463-badf-4731950d210f", "indicator--585253a3-a6b0-4f80-a861-4d6e950d210f", "indicator--585253a4-8b5c-4b07-b82f-472a950d210f", "indicator--585253a4-d3d8-4934-8bf7-4272950d210f", "indicator--585253a5-6f38-49e1-903e-4811950d210f", "indicator--585253a5-dda4-4010-a7f8-4214950d210f", "indicator--585253a6-dfdc-4a15-87ca-4e60950d210f", "indicator--585253a7-6288-4a48-a318-472d950d210f", "indicator--585253a7-c7bc-47ee-8e06-4eeb950d210f", "indicator--585253a8-4e0c-4c96-909d-482d950d210f", "indicator--585253a8-11bc-41b1-9176-41f3950d210f", "indicator--585253a9-c794-4dcf-b9f4-42ec950d210f", "indicator--585253aa-bdc0-49ed-b830-4ad5950d210f", "indicator--585253aa-7558-4c2e-b3a7-476f950d210f", "indicator--585253ab-6a20-4361-96d9-44dd950d210f", "indicator--585253ac-30a0-4766-b5d0-40a0950d210f", "indicator--585253ac-8d6c-4073-8155-43b5950d210f", "indicator--585253ad-cfdc-4eb4-ba74-4510950d210f", "indicator--585253ad-40b0-43c6-9c1d-4ce8950d210f", "indicator--585253ae-02e4-4582-b487-4858950d210f", "indicator--585253af-f7b4-40f6-8c57-44e1950d210f", "indicator--585253af-9980-4d52-b83b-4695950d210f", "indicator--585253b0-2e80-49c9-a7ea-4703950d210f", "indicator--585253b1-f984-4df0-adde-4422950d210f", "indicator--585253b1-66c0-410d-a854-4c3f950d210f", "indicator--585253b2-c0b0-42f5-8520-4781950d210f", "indicator--585253b2-3d5c-422f-8a2f-4200950d210f", "indicator--585253b3-5290-4dc0-8b88-421f950d210f", "indicator--585253b4-9734-4574-9942-4744950d210f", "indicator--585253b4-6a6c-45bb-a1df-4abc950d210f", "indicator--585253b5-4404-4cc8-81b6-4b2f950d210f", "indicator--585253b6-83cc-4aaa-90a9-4a81950d210f", "indicator--585253b6-2978-43f6-9f3a-4dbb950d210f", "indicator--585253b7-1a90-4430-8cbc-4d34950d210f", "indicator--585253b7-7d74-4e26-9d05-458b950d210f", "indicator--585253b8-d964-4881-bbec-4147950d210f", "indicator--585253b9-18cc-46d3-b322-43d3950d210f", "indicator--585253b9-210c-4226-ba21-4cb4950d210f", "indicator--585253ba-61b4-4c39-9a32-4f96950d210f", "indicator--585253bb-4878-470e-a35c-43c8950d210f", "indicator--585253bb-0d28-4870-b951-4b74950d210f", "indicator--585253bc-4470-4b3f-a203-4534950d210f", "indicator--585253bc-b940-4048-8f63-4fee950d210f", "indicator--585253bd-f05c-43e5-9318-4b03950d210f", "indicator--585253be-b9bc-430d-8a9a-4f2c950d210f", "indicator--585253be-7b50-41c7-8ef2-4970950d210f", "indicator--585253bf-231c-4c20-92d6-4579950d210f", "indicator--585253bf-5fb8-4ca3-9da4-4e9b950d210f", "indicator--585253c0-b804-4689-bc0b-449f950d210f", "indicator--585253c0-01f0-453d-bc2c-46e3950d210f", "indicator--585253c1-9984-4374-ad8a-4f00950d210f", "indicator--585253c1-75c0-4107-81af-498f950d210f", "indicator--585253c2-b184-41a1-ae80-4976950d210f", "indicator--585253c2-7d28-4e82-9776-4c47950d210f", "indicator--585253c3-2800-4744-a31e-4c86950d210f", "indicator--585253c3-4e24-48e0-85ad-43cb950d210f", "indicator--585253c4-3600-42aa-af9b-45e8950d210f", "indicator--585253c5-2d00-431b-abbb-468a950d210f", "indicator--585253c5-ed1c-427a-ac69-4fd7950d210f", "indicator--585253c6-89c0-49df-a690-4aa2950d210f", "indicator--585253c6-e1d4-440b-a0ac-4ce7950d210f", "indicator--585253c7-1044-4a51-9ec1-4b4a950d210f", "indicator--585253c8-e1c4-4941-9101-491c950d210f", "indicator--585253c8-ca40-4f17-8026-4314950d210f", "indicator--585253c9-60bc-42ff-8c45-4b4c950d210f", "indicator--585253ca-131c-4ace-8118-4119950d210f", "indicator--585253ca-405c-4844-9766-41c1950d210f", "indicator--585253cb-1018-4b44-8e3b-4a3a950d210f", "indicator--585253cb-b440-438e-b4e3-487f950d210f", "indicator--585253cc-3300-4bbb-bf39-4ed0950d210f", "indicator--585253cc-0d20-4d84-bd2d-42c8950d210f", "indicator--585253cd-d4ec-4eb3-8d72-4677950d210f", "indicator--585253cd-8b34-4e8d-8006-4d26950d210f", "indicator--585253ce-8b50-4ced-803c-4f3e950d210f", "indicator--585253ce-3f54-4cd4-958e-4351950d210f", "indicator--585253cf-66e0-4643-b04a-4150950d210f", "indicator--585253cf-8098-44f7-b88e-4b39950d210f", "indicator--585253d0-cd68-4029-8edd-4695950d210f", "indicator--585253d0-f3fc-4392-8017-411c950d210f", "indicator--585253d1-16ec-4eb2-a412-43d9950d210f", "indicator--585253d1-3bd4-40a8-ab43-4e5c950d210f", "indicator--585253d2-c5ec-403f-bf99-4b71950d210f", "indicator--585253d2-0978-4827-bf60-4e71950d210f", "indicator--585253d3-e470-4204-b953-4be1950d210f", "indicator--585253d3-3fcc-4002-a51f-4176950d210f", "indicator--585253d4-612c-40a2-807b-4f14950d210f", "indicator--585253d4-e378-486f-8f88-40f6950d210f", "indicator--585253d5-cc54-489b-b0e1-4785950d210f", "indicator--585253d5-e53c-48d9-9edd-4739950d210f", "indicator--585253d6-1a0c-46d6-b4b7-48f3950d210f", "indicator--585253d6-b124-4dff-a42c-44b8950d210f", "indicator--585253d7-04cc-46b7-b349-47b9950d210f", "indicator--585253d7-b75c-48f1-b68e-4f56950d210f", "indicator--585253d7-0b3c-41e9-9b2c-40cd950d210f", "indicator--585253d7-5500-4c7e-9d85-4811950d210f", "indicator--585253d8-d678-47bf-9cec-410f950d210f", "indicator--585253d8-64ec-43c9-8ae4-45c8950d210f", "indicator--585253d8-4860-4836-9f8b-479d950d210f", "indicator--585253d9-b744-462a-a1c4-4823950d210f", "indicator--585253d9-a820-45d5-b144-4cff950d210f", "indicator--585253d9-4bc4-4e14-b824-4892950d210f", "indicator--585253da-c958-4f15-b0ef-4c06950d210f", "indicator--585253da-e998-482b-be91-4875950d210f", "indicator--585253da-3660-4a22-94ef-4e15950d210f", "indicator--585253da-2b00-4e19-92a0-44b7950d210f", "indicator--585253da-bee8-4c3d-9f77-4b5c950d210f", "indicator--585253db-9a48-42a4-b53b-496a950d210f", "indicator--585253db-5e28-433f-9966-4499950d210f", "indicator--585253db-7958-4345-bc4b-4a43950d210f", "indicator--585253db-8890-4d54-87bf-489e950d210f", "indicator--585253dc-bf24-4dfb-8def-4d78950d210f", "indicator--585253dc-8e94-401c-9e7d-4a22950d210f", "indicator--585253dc-25f4-45a4-8ddb-486d950d210f", "indicator--585253dd-29fc-496c-8ed2-42bc950d210f", "indicator--585253dd-9ce4-4a63-ac73-4b8a950d210f", "indicator--585253dd-e560-4310-a96e-4e78950d210f", "indicator--585253dd-b3d8-499e-a70d-46fb950d210f", "indicator--585253de-d438-4f67-8e30-45c1950d210f", "indicator--585253de-2590-4f46-a991-43e4950d210f", "indicator--585253de-3ff0-4aa3-a1f3-4389950d210f", "indicator--585253de-de2c-4aae-ad02-4b6f950d210f", "indicator--585253df-7078-47c1-b663-47f9950d210f", "indicator--585253df-1390-4db6-bbae-4a30950d210f", "indicator--585253df-d7fc-4013-96b4-43a8950d210f", "indicator--585253df-88f8-4847-8cbd-4191950d210f", "indicator--585253df-5898-4927-ba4b-4d42950d210f", "indicator--585253e0-bb30-49d8-9051-4917950d210f", "indicator--585253e0-7abc-42ed-b2eb-4dde950d210f", "indicator--585253e0-754c-4220-b2ce-48fc950d210f", "indicator--585253e0-4520-446b-8da4-4236950d210f", "indicator--585253e1-aed0-4fe4-b530-44af950d210f", "indicator--585253e1-bd84-4d5f-912d-490f950d210f", "indicator--585253e1-d824-41ab-9e75-47c9950d210f", "indicator--585253e1-4aa0-43c1-b5ba-4451950d210f", "indicator--585253e2-40f0-4f34-a7bb-4195950d210f", "indicator--585253e2-fe74-4c1e-aca2-4066950d210f", "indicator--585253e2-b4c8-4578-b59f-455f950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "circl:incident-classification=\"malware\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538c-4630-422c-8225-47d5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:48.000Z", "modified": "2016-12-15T08:25:48.000Z", "description": "download location", "pattern": "[url:value = 'http://crolic88.myjino.ru/1ddig']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538d-f14c-44c3-951f-4e05950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:49.000Z", "modified": "2016-12-15T08:25:49.000Z", "description": "download location", "pattern": "[domain-name:value = 'crolic88.myjino.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538e-1cb4-46b6-acac-4a57950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:50.000Z", "modified": "2016-12-15T08:25:50.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.141.202']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538e-dcfc-4c99-8c7c-40d8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:50.000Z", "modified": "2016-12-15T08:25:50.000Z", "description": "download location", "pattern": "[url:value = 'http://wszystkodokuchni.pl/sl5yko7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538f-1d28-4fd9-aa53-4868950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:51.000Z", "modified": "2016-12-15T08:25:51.000Z", "description": "download location", "pattern": "[domain-name:value = 'wszystkodokuchni.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852538f-5d70-4419-8fab-4d97950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:51.000Z", "modified": "2016-12-15T08:25:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.237.52.150']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525390-3310-42eb-8e4c-4603950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:52.000Z", "modified": "2016-12-15T08:25:52.000Z", "description": "download location", "pattern": "[url:value = 'http://zzzort10xtest123.com/nin5k3bwo']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525390-99b4-4013-8c07-40d4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:52.000Z", "modified": "2016-12-15T08:25:52.000Z", "description": "download location", "pattern": "[domain-name:value = 'zzzort10xtest123.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525391-4844-4372-9ae8-4475950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:53.000Z", "modified": "2016-12-15T08:25:53.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.235.144.9']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525391-9888-4154-b5b1-44cf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:53.000Z", "modified": "2016-12-15T08:25:53.000Z", "description": "download location", "pattern": "[url:value = 'http://fyd123.cn/kib6h2d9ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525392-797c-4ddf-9444-47df950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:54.000Z", "modified": "2016-12-15T08:25:54.000Z", "description": "download location", "pattern": "[domain-name:value = 'fyd123.cn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525392-085c-44e9-b971-4533950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:54.000Z", "modified": "2016-12-15T08:25:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '218.8.245.83']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525393-5220-49a0-baa8-4437950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:55.000Z", "modified": "2016-12-15T08:25:55.000Z", "description": "download location", "pattern": "[url:value = 'http://scaune.qmagazin.ro/5hktu4h']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525393-8a60-40cd-9d1d-4728950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:55.000Z", "modified": "2016-12-15T08:25:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'scaune.qmagazin.ro']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525394-c6bc-4c2c-98e7-4a4c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:56.000Z", "modified": "2016-12-15T08:25:56.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.115.108.232']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525395-97b8-4690-a799-4fc8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:57.000Z", "modified": "2016-12-15T08:25:57.000Z", "description": "download location", "pattern": "[url:value = 'http://vaaren.dk/ogcz6ys0d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525395-aa5c-4e55-8318-4630950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:57.000Z", "modified": "2016-12-15T08:25:57.000Z", "description": "download location", "pattern": "[domain-name:value = 'vaaren.dk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525396-9f44-46fb-a040-4d0e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:58.000Z", "modified": "2016-12-15T08:25:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.231.108.221']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525396-3768-49cc-b584-4f7f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:58.000Z", "modified": "2016-12-15T08:25:58.000Z", "description": "download location", "pattern": "[url:value = 'http://zhiyuw.com/qfbdcvrul']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525397-2420-4df0-8316-49c7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:25:59.000Z", "modified": "2016-12-15T08:25:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'zhiyuw.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:25:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525398-5d78-49ef-a9e0-457b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:00.000Z", "modified": "2016-12-15T08:26:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '120.210.204.33']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525398-a6d4-4743-b432-45fa950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:00.000Z", "modified": "2016-12-15T08:26:00.000Z", "description": "download location", "pattern": "[url:value = 'http://jianhu365.com/z9puqdj2eu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525399-6f08-489e-a197-402b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:01.000Z", "modified": "2016-12-15T08:26:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'jianhu365.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--58525399-6f40-4c2b-af2e-4c59950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:01.000Z", "modified": "2016-12-15T08:26:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '1.82.184.190']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539a-d69c-46dd-8413-4a2c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:02.000Z", "modified": "2016-12-15T08:26:02.000Z", "description": "download location", "pattern": "[url:value = 'http://innercityarts.squaremdesign.com/dyo1w7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539a-c0bc-4bd7-8eda-4770950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:02.000Z", "modified": "2016-12-15T08:26:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'innercityarts.squaremdesign.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539b-44a0-4098-8682-48bf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:03.000Z", "modified": "2016-12-15T08:26:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.154.88.98']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539b-5e5c-40d2-a73b-444c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:03.000Z", "modified": "2016-12-15T08:26:03.000Z", "description": "download location", "pattern": "[url:value = 'http://www.myboatplans.net/6d7ukeco6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539c-ad50-4ea9-abb2-49c6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:04.000Z", "modified": "2016-12-15T08:26:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.myboatplans.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539c-d200-4baf-ad55-4952950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:04.000Z", "modified": "2016-12-15T08:26:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.81.171']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539d-8320-4c85-a712-4d4f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:05.000Z", "modified": "2016-12-15T08:26:05.000Z", "description": "download location", "pattern": "[url:value = 'http://trietlong.net/heyus']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539d-d1f4-4dd4-91ed-4bc8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:05.000Z", "modified": "2016-12-15T08:26:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'trietlong.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539d-1b7c-4361-aaec-4f71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:05.000Z", "modified": "2016-12-15T08:26:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.232.121.92']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539e-d3ec-4a7e-8a72-45e3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:06.000Z", "modified": "2016-12-15T08:26:06.000Z", "description": "download location", "pattern": "[url:value = 'http://wiselysoft.com/qcymgbug7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539e-4358-4a19-a3ee-4222950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:06.000Z", "modified": "2016-12-15T08:26:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'wiselysoft.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539f-5830-4a96-85c8-4fdb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:07.000Z", "modified": "2016-12-15T08:26:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.51.106']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5852539f-d568-40c8-a185-405f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:07.000Z", "modified": "2016-12-15T08:26:07.000Z", "description": "download location", "pattern": "[url:value = 'http://viscarci.com/wyqs6353']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a0-7fc8-4aa3-bc82-449e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:08.000Z", "modified": "2016-12-15T08:26:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'viscarci.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a0-b66c-475d-8489-4c43950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:08.000Z", "modified": "2016-12-15T08:26:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '120.39.243.225']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a1-2604-4788-bada-4f11950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:09.000Z", "modified": "2016-12-15T08:26:09.000Z", "description": "download location", "pattern": "[url:value = 'http://asdream.pl/gbbs1c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a1-4fb0-4708-b8b4-4f15950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:09.000Z", "modified": "2016-12-15T08:26:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'asdream.pl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a2-5704-44d6-8b91-4a9c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:10.000Z", "modified": "2016-12-15T08:26:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.225.28.210']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a2-a1d4-4672-8433-4dcd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:10.000Z", "modified": "2016-12-15T08:26:10.000Z", "description": "download location", "pattern": "[url:value = 'http://obaloco.com.br/67mfj']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a3-9124-4463-badf-4731950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:11.000Z", "modified": "2016-12-15T08:26:11.000Z", "description": "download location", "pattern": "[domain-name:value = 'obaloco.com.br']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a3-a6b0-4f80-a861-4d6e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:11.000Z", "modified": "2016-12-15T08:26:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.52.160.43']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a4-8b5c-4b07-b82f-472a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:12.000Z", "modified": "2016-12-15T08:26:12.000Z", "description": "download location", "pattern": "[url:value = 'http://wx.utaidu.com/1eybujbru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a4-d3d8-4934-8bf7-4272950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:12.000Z", "modified": "2016-12-15T08:26:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'wx.utaidu.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a5-6f38-49e1-903e-4811950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:13.000Z", "modified": "2016-12-15T08:26:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.114.47.82']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a5-dda4-4010-a7f8-4214950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:13.000Z", "modified": "2016-12-15T08:26:13.000Z", "description": "download location", "pattern": "[url:value = 'http://zwljfc.com/ld1pvjozu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a6-dfdc-4a15-87ca-4e60950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:14.000Z", "modified": "2016-12-15T08:26:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'zwljfc.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a7-6288-4a48-a318-472d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:15.000Z", "modified": "2016-12-15T08:26:15.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.255.158.164']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a7-c7bc-47ee-8e06-4eeb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:15.000Z", "modified": "2016-12-15T08:26:15.000Z", "description": "download location", "pattern": "[url:value = 'http://demo.shispare.com/bvsjq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a8-4e0c-4c96-909d-482d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:16.000Z", "modified": "2016-12-15T08:26:16.000Z", "description": "download location", "pattern": "[domain-name:value = 'demo.shispare.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a8-11bc-41b1-9176-41f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:16.000Z", "modified": "2016-12-15T08:26:16.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.208.99.93']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253a9-c794-4dcf-b9f4-42ec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:17.000Z", "modified": "2016-12-15T08:26:17.000Z", "description": "download location", "pattern": "[url:value = 'http://walkonwheels.net.au/qmd1uu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253aa-bdc0-49ed-b830-4ad5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:18.000Z", "modified": "2016-12-15T08:26:18.000Z", "description": "download location", "pattern": "[domain-name:value = 'walkonwheels.net.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253aa-7558-4c2e-b3a7-476f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:18.000Z", "modified": "2016-12-15T08:26:18.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.125.36.215']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ab-6a20-4361-96d9-44dd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:19.000Z", "modified": "2016-12-15T08:26:19.000Z", "description": "download location", "pattern": "[url:value = 'http://yukngobrol.com/h7sfu']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ac-30a0-4766-b5d0-40a0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:20.000Z", "modified": "2016-12-15T08:26:20.000Z", "description": "download location", "pattern": "[domain-name:value = 'yukngobrol.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ac-8d6c-4073-8155-43b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:20.000Z", "modified": "2016-12-15T08:26:20.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.90.165.75']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ad-cfdc-4eb4-ba74-4510950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:21.000Z", "modified": "2016-12-15T08:26:21.000Z", "description": "download location", "pattern": "[url:value = 'http://atio.li/exjik']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ad-40b0-43c6-9c1d-4ce8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:21.000Z", "modified": "2016-12-15T08:26:21.000Z", "description": "download location", "pattern": "[domain-name:value = 'atio.li']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ae-02e4-4582-b487-4858950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:22.000Z", "modified": "2016-12-15T08:26:22.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.43.218.114']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253af-f7b4-40f6-8c57-44e1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:23.000Z", "modified": "2016-12-15T08:26:23.000Z", "description": "download location", "pattern": "[url:value = 'http://hedefosgb.com/dpyzsb6u']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253af-9980-4d52-b83b-4695950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:23.000Z", "modified": "2016-12-15T08:26:23.000Z", "description": "download location", "pattern": "[domain-name:value = 'hedefosgb.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b0-2e80-49c9-a7ea-4703950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:24.000Z", "modified": "2016-12-15T08:26:24.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.85.205.18']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:24Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b1-f984-4df0-adde-4422950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:25.000Z", "modified": "2016-12-15T08:26:25.000Z", "description": "download location", "pattern": "[url:value = 'http://roman64.humlak.cz/7bnisgf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b1-66c0-410d-a854-4c3f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:25.000Z", "modified": "2016-12-15T08:26:25.000Z", "description": "download location", "pattern": "[domain-name:value = 'roman64.humlak.cz']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:25Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b2-c0b0-42f5-8520-4781950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:26.000Z", "modified": "2016-12-15T08:26:26.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.12.32.194']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b2-3d5c-422f-8a2f-4200950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:26.000Z", "modified": "2016-12-15T08:26:26.000Z", "description": "download location", "pattern": "[url:value = 'http://catherineduret.ch/5qpqi5ezp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b3-5290-4dc0-8b88-421f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:27.000Z", "modified": "2016-12-15T08:26:27.000Z", "description": "download location", "pattern": "[domain-name:value = 'catherineduret.ch']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:27Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b4-9734-4574-9942-4744950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:28.000Z", "modified": "2016-12-15T08:26:28.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.16.80.74']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b4-6a6c-45bb-a1df-4abc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:28.000Z", "modified": "2016-12-15T08:26:28.000Z", "description": "download location", "pattern": "[url:value = 'http://rulebraker.ru/zsw4cnf9o']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:28Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b5-4404-4cc8-81b6-4b2f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:29.000Z", "modified": "2016-12-15T08:26:29.000Z", "description": "download location", "pattern": "[domain-name:value = 'rulebraker.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:29Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b6-83cc-4aaa-90a9-4a81950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:30.000Z", "modified": "2016-12-15T08:26:30.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.137.163.52']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b6-2978-43f6-9f3a-4dbb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:30.000Z", "modified": "2016-12-15T08:26:30.000Z", "description": "download location", "pattern": "[url:value = 'http://test.sousouyo.com/feaetpnuee']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:30Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b7-1a90-4430-8cbc-4d34950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:31.000Z", "modified": "2016-12-15T08:26:31.000Z", "description": "download location", "pattern": "[domain-name:value = 'test.sousouyo.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b7-7d74-4e26-9d05-458b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:31.000Z", "modified": "2016-12-15T08:26:31.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.83.80.26']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:31Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b8-d964-4881-bbec-4147950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:32.000Z", "modified": "2016-12-15T08:26:32.000Z", "description": "download location", "pattern": "[url:value = 'http://tx318.com/kqe4ca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:32Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b9-18cc-46d3-b322-43d3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:33.000Z", "modified": "2016-12-15T08:26:33.000Z", "description": "download location", "pattern": "[domain-name:value = 'tx318.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253b9-210c-4226-ba21-4cb4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:33.000Z", "modified": "2016-12-15T08:26:33.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.12.89.24']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:33Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ba-61b4-4c39-9a32-4f96950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:34.000Z", "modified": "2016-12-15T08:26:34.000Z", "description": "download location", "pattern": "[url:value = 'http://ucbus.net/usdxqqt6']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:34Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bb-4878-470e-a35c-43c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:35.000Z", "modified": "2016-12-15T08:26:35.000Z", "description": "download location", "pattern": "[domain-name:value = 'ucbus.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bb-0d28-4870-b951-4b74950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:35.000Z", "modified": "2016-12-15T08:26:35.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.149.250.179']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:35Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bc-4470-4b3f-a203-4534950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:36.000Z", "modified": "2016-12-15T08:26:36.000Z", "description": "download location", "pattern": "[url:value = 'http://casino-okinawa.com/ejguf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bc-b940-4048-8f63-4fee950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:36.000Z", "modified": "2016-12-15T08:26:36.000Z", "description": "download location", "pattern": "[domain-name:value = 'casino-okinawa.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:36Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bd-f05c-43e5-9318-4b03950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:37.000Z", "modified": "2016-12-15T08:26:37.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '157.7.188.216']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:37Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253be-b9bc-430d-8a9a-4f2c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:38.000Z", "modified": "2016-12-15T08:26:38.000Z", "description": "download location", "pattern": "[url:value = 'http://buhoutserts.ru/ufdazc6vv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253be-7b50-41c7-8ef2-4970950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:38.000Z", "modified": "2016-12-15T08:26:38.000Z", "description": "download location", "pattern": "[domain-name:value = 'buhoutserts.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bf-231c-4c20-92d6-4579950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:39.000Z", "modified": "2016-12-15T08:26:39.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.110.61.97']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253bf-5fb8-4ca3-9da4-4e9b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:39.000Z", "modified": "2016-12-15T08:26:39.000Z", "description": "download location", "pattern": "[url:value = 'http://web-shuttle.in/eeo9oc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c0-b804-4689-bc0b-449f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:40.000Z", "modified": "2016-12-15T08:26:40.000Z", "description": "download location", "pattern": "[domain-name:value = 'web-shuttle.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c0-01f0-453d-bc2c-46e3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:40.000Z", "modified": "2016-12-15T08:26:40.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.47.3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c1-9984-4374-ad8a-4f00950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:41.000Z", "modified": "2016-12-15T08:26:41.000Z", "description": "download location", "pattern": "[url:value = 'http://xlr8services.com/n970foumf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c1-75c0-4107-81af-498f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:41.000Z", "modified": "2016-12-15T08:26:41.000Z", "description": "download location", "pattern": "[domain-name:value = 'xlr8services.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c2-b184-41a1-ae80-4976950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:42.000Z", "modified": "2016-12-15T08:26:42.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.139.23.2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c2-7d28-4e82-9776-4c47950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:42.000Z", "modified": "2016-12-15T08:26:42.000Z", "description": "download location", "pattern": "[url:value = 'http://chinaxw.org/xw1ju7y6zc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c3-2800-4744-a31e-4c86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:43.000Z", "modified": "2016-12-15T08:26:43.000Z", "description": "download location", "pattern": "[domain-name:value = 'chinaxw.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c3-4e24-48e0-85ad-43cb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:43.000Z", "modified": "2016-12-15T08:26:43.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.209.73.120']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c4-3600-42aa-af9b-45e8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:44.000Z", "modified": "2016-12-15T08:26:44.000Z", "description": "download location", "pattern": "[url:value = 'http://wudiai.com/mc3hnwd']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c5-2d00-431b-abbb-468a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:45.000Z", "modified": "2016-12-15T08:26:45.000Z", "description": "download location", "pattern": "[domain-name:value = 'wudiai.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c5-ed1c-427a-ac69-4fd7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:45.000Z", "modified": "2016-12-15T08:26:45.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.29.9.237']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c6-89c0-49df-a690-4aa2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:46.000Z", "modified": "2016-12-15T08:26:46.000Z", "description": "download location", "pattern": "[url:value = 'http://slankmethode.nl/4zzq1am']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c6-e1d4-440b-a0ac-4ce7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:46.000Z", "modified": "2016-12-15T08:26:46.000Z", "description": "download location", "pattern": "[domain-name:value = 'slankmethode.nl']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c7-1044-4a51-9ec1-4b4a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:47.000Z", "modified": "2016-12-15T08:26:47.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.244.181.204']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c8-e1c4-4941-9101-491c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:48.000Z", "modified": "2016-12-15T08:26:48.000Z", "description": "download location", "pattern": "[url:value = 'http://hlonline.kentucky.com/i7z78']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c8-ca40-4f17-8026-4314950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:48.000Z", "modified": "2016-12-15T08:26:48.000Z", "description": "download location", "pattern": "[domain-name:value = 'hlonline.kentucky.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253c9-60bc-42ff-8c45-4b4c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:49.000Z", "modified": "2016-12-15T08:26:49.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.139.251.11']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ca-131c-4ace-8118-4119950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:49.000Z", "modified": "2016-12-15T08:26:49.000Z", "description": "download location", "pattern": "[url:value = 'http://theamericanwake.com/xw1ju7y6zc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ca-405c-4844-9766-41c1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:50.000Z", "modified": "2016-12-15T08:26:50.000Z", "description": "download location", "pattern": "[domain-name:value = 'theamericanwake.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cb-1018-4b44-8e3b-4a3a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:51.000Z", "modified": "2016-12-15T08:26:51.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.56.45.17']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cb-b440-438e-b4e3-487f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:51.000Z", "modified": "2016-12-15T08:26:51.000Z", "description": "download location", "pattern": "[url:value = 'http://0668.com/k5bhgn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cc-3300-4bbb-bf39-4ed0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:52.000Z", "modified": "2016-12-15T08:26:52.000Z", "description": "download location", "pattern": "[domain-name:value = '0668.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cc-0d20-4d84-bd2d-42c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:52.000Z", "modified": "2016-12-15T08:26:52.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.10.141.46']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cd-d4ec-4eb3-8d72-4677950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:53.000Z", "modified": "2016-12-15T08:26:53.000Z", "description": "download location", "pattern": "[url:value = 'http://braindouble.com/uycx51ix']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cd-8b34-4e8d-8006-4d26950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:53.000Z", "modified": "2016-12-15T08:26:53.000Z", "description": "download location", "pattern": "[domain-name:value = 'braindouble.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ce-8b50-4ced-803c-4f3e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:54.000Z", "modified": "2016-12-15T08:26:54.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.45.186.214']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253ce-3f54-4cd4-958e-4351950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:54.000Z", "modified": "2016-12-15T08:26:54.000Z", "description": "download location", "pattern": "[url:value = 'http://youspeak.pt/liowrtxs']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cf-66e0-4643-b04a-4150950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:55.000Z", "modified": "2016-12-15T08:26:55.000Z", "description": "download location", "pattern": "[domain-name:value = 'youspeak.pt']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253cf-8098-44f7-b88e-4b39950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:55.000Z", "modified": "2016-12-15T08:26:55.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.71.40.117']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d0-cd68-4029-8edd-4695950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:56.000Z", "modified": "2016-12-15T08:26:56.000Z", "description": "download location", "pattern": "[url:value = 'http://chungcuvinhomemydinh.com/6dvjasf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d0-f3fc-4392-8017-411c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:56.000Z", "modified": "2016-12-15T08:26:56.000Z", "description": "download location", "pattern": "[domain-name:value = 'chungcuvinhomemydinh.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d1-16ec-4eb2-a412-43d9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:57.000Z", "modified": "2016-12-15T08:26:57.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '123.30.50.11']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d1-3bd4-40a8-ab43-4e5c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:57.000Z", "modified": "2016-12-15T08:26:57.000Z", "description": "download location", "pattern": "[url:value = 'http://windshieldrepairvancouver.ca/qcp8k7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d2-c5ec-403f-bf99-4b71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:58.000Z", "modified": "2016-12-15T08:26:58.000Z", "description": "download location", "pattern": "[domain-name:value = 'windshieldrepairvancouver.ca']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d2-0978-4827-bf60-4e71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:58.000Z", "modified": "2016-12-15T08:26:58.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '68.65.122.56']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d3-e470-4204-b953-4be1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:59.000Z", "modified": "2016-12-15T08:26:59.000Z", "description": "download location", "pattern": "[url:value = 'http://forbrent.com/h9kqgq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d3-3fcc-4002-a51f-4176950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:26:59.000Z", "modified": "2016-12-15T08:26:59.000Z", "description": "download location", "pattern": "[domain-name:value = 'forbrent.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:26:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d4-612c-40a2-807b-4f14950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:00.000Z", "modified": "2016-12-15T08:27:00.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.104.177.207']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d4-e378-486f-8f88-40f6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:00.000Z", "modified": "2016-12-15T08:27:00.000Z", "description": "download location", "pattern": "[url:value = 'http://www.espansioneimmobiliare.com/akktnck']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d5-cc54-489b-b0e1-4785950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:01.000Z", "modified": "2016-12-15T08:27:01.000Z", "description": "download location", "pattern": "[domain-name:value = 'www.espansioneimmobiliare.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d5-e53c-48d9-9edd-4739950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:01.000Z", "modified": "2016-12-15T08:27:01.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.1.182.4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d6-1a0c-46d6-b4b7-48f3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:02.000Z", "modified": "2016-12-15T08:27:02.000Z", "description": "download location", "pattern": "[url:value = 'http://malamut.org/gizb2zq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d6-b124-4dff-a42c-44b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:02.000Z", "modified": "2016-12-15T08:27:02.000Z", "description": "download location", "pattern": "[domain-name:value = 'malamut.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d7-04cc-46b7-b349-47b9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:03.000Z", "modified": "2016-12-15T08:27:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.85.104.64']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d7-b75c-48f1-b68e-4f56950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:03.000Z", "modified": "2016-12-15T08:27:03.000Z", "description": "download location", "pattern": "[url:value = 'http://u-niwon.com/kmjg6j9ske']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d7-0b3c-41e9-9b2c-40cd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:03.000Z", "modified": "2016-12-15T08:27:03.000Z", "description": "download location", "pattern": "[domain-name:value = 'u-niwon.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d7-5500-4c7e-9d85-4811950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:03.000Z", "modified": "2016-12-15T08:27:03.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '218.232.104.232']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d8-d678-47bf-9cec-410f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:04.000Z", "modified": "2016-12-15T08:27:04.000Z", "description": "download location", "pattern": "[url:value = 'http://groupeelectrogeneservice.com/eefpeywf9z']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d8-64ec-43c9-8ae4-45c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:04.000Z", "modified": "2016-12-15T08:27:04.000Z", "description": "download location", "pattern": "[domain-name:value = 'groupeelectrogeneservice.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d8-4860-4836-9f8b-479d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:04.000Z", "modified": "2016-12-15T08:27:04.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.160.233.132']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d9-b744-462a-a1c4-4823950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:05.000Z", "modified": "2016-12-15T08:27:05.000Z", "description": "download location", "pattern": "[url:value = 'http://tecnomundo.uy/a8rnlgzv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d9-a820-45d5-b144-4cff950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:05.000Z", "modified": "2016-12-15T08:27:05.000Z", "description": "download location", "pattern": "[domain-name:value = 'tecnomundo.uy']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253d9-4bc4-4e14-b824-4892950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:05.000Z", "modified": "2016-12-15T08:27:05.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.236.44.34']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253da-c958-4f15-b0ef-4c06950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:06.000Z", "modified": "2016-12-15T08:27:06.000Z", "description": "download location", "pattern": "[url:value = 'http://peopleprofit.in/pyihdg']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253da-e998-482b-be91-4875950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:06.000Z", "modified": "2016-12-15T08:27:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'peopleprofit.in']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253da-3660-4a22-94ef-4e15950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:06.000Z", "modified": "2016-12-15T08:27:06.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.253.125.240']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253da-2b00-4e19-92a0-44b7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:06.000Z", "modified": "2016-12-15T08:27:06.000Z", "description": "download location", "pattern": "[url:value = 'http://wdcd999.com/lm5z2snyqn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253da-bee8-4c3d-9f77-4b5c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:06.000Z", "modified": "2016-12-15T08:27:06.000Z", "description": "download location", "pattern": "[domain-name:value = 'wdcd999.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253db-9a48-42a4-b53b-496a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:07.000Z", "modified": "2016-12-15T08:27:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.92.194.205']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253db-5e28-433f-9966-4499950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:07.000Z", "modified": "2016-12-15T08:27:07.000Z", "description": "download location", "pattern": "[url:value = 'http://szwanrong.com/x5qxzpjsi']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253db-7958-4345-bc4b-4a43950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:07.000Z", "modified": "2016-12-15T08:27:07.000Z", "description": "download location", "pattern": "[domain-name:value = 'szwanrong.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253db-8890-4d54-87bf-489e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:07.000Z", "modified": "2016-12-15T08:27:07.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.29.99.214']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dc-bf24-4dfb-8def-4d78950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:08.000Z", "modified": "2016-12-15T08:27:08.000Z", "description": "download location", "pattern": "[url:value = 'http://subys.com/mjguriv80']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dc-8e94-401c-9e7d-4a22950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:08.000Z", "modified": "2016-12-15T08:27:08.000Z", "description": "download location", "pattern": "[domain-name:value = 'subys.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dc-25f4-45a4-8ddb-486d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:08.000Z", "modified": "2016-12-15T08:27:08.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '180.71.58.101']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dd-29fc-496c-8ed2-42bc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:09.000Z", "modified": "2016-12-15T08:27:09.000Z", "description": "download location", "pattern": "[url:value = 'http://test1.giaiphaponline.org/0ytdjs1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dd-9ce4-4a63-ac73-4b8a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:09.000Z", "modified": "2016-12-15T08:27:09.000Z", "description": "download location", "pattern": "[domain-name:value = 'test1.giaiphaponline.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dd-e560-4310-a96e-4e78950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:09.000Z", "modified": "2016-12-15T08:27:09.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.227.177.226']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253dd-b3d8-499e-a70d-46fb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:09.000Z", "modified": "2016-12-15T08:27:09.000Z", "description": "download location", "pattern": "[url:value = 'http://bappeda.dharmasrayakab.go.id/dlhalychp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253de-d438-4f67-8e30-45c1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:10.000Z", "modified": "2016-12-15T08:27:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'bappeda.dharmasrayakab.go.id']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253de-2590-4f46-a991-43e4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:10.000Z", "modified": "2016-12-15T08:27:10.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '222.124.129.173']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253de-3ff0-4aa3-a1f3-4389950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:10.000Z", "modified": "2016-12-15T08:27:10.000Z", "description": "download location", "pattern": "[url:value = 'http://anti-dust.ru/7k6cp']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253de-de2c-4aae-ad02-4b6f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:10.000Z", "modified": "2016-12-15T08:27:10.000Z", "description": "download location", "pattern": "[domain-name:value = 'anti-dust.ru']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253df-7078-47c1-b663-47f9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:11.000Z", "modified": "2016-12-15T08:27:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.76.46.154']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253df-1390-4db6-bbae-4a30950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:11.000Z", "modified": "2016-12-15T08:27:11.000Z", "description": "download location", "pattern": "[url:value = 'http://250sb.com./jynvmx']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253df-d7fc-4013-96b4-43a8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:11.000Z", "modified": "2016-12-15T08:27:11.000Z", "description": "download location", "pattern": "[domain-name:value = '250sb.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253df-88f8-4847-8cbd-4191950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:11.000Z", "modified": "2016-12-15T08:27:11.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.244.68.61']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253df-5898-4927-ba4b-4d42950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:11.000Z", "modified": "2016-12-15T08:27:11.000Z", "description": "download location", "pattern": "[url:value = 'http://environment.ae/0od5hn']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e0-bb30-49d8-9051-4917950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:12.000Z", "modified": "2016-12-15T08:27:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'environment.ae']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e0-7abc-42ed-b2eb-4dde950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:12.000Z", "modified": "2016-12-15T08:27:12.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.48.111.60']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e0-754c-4220-b2ce-48fc950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:12.000Z", "modified": "2016-12-15T08:27:12.000Z", "description": "download location", "pattern": "[url:value = 'http://travelinsider.com.au/mwaefb4b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e0-4520-446b-8da4-4236950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:12.000Z", "modified": "2016-12-15T08:27:12.000Z", "description": "download location", "pattern": "[domain-name:value = 'travelinsider.com.au']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e1-aed0-4fe4-b530-44af950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:13.000Z", "modified": "2016-12-15T08:27:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.98.84.123']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e1-bd84-4d5f-912d-490f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:13.000Z", "modified": "2016-12-15T08:27:13.000Z", "description": "download location", "pattern": "[url:value = 'http://xn--k1affefe.xn--p1ai/8wzzjk24u']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e1-d824-41ab-9e75-47c9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:13.000Z", "modified": "2016-12-15T08:27:13.000Z", "description": "download location", "pattern": "[file:name = 'xn--k1affefe.xn--p1ai']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"filename\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e1-4aa0-43c1-b5ba-4451950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:13.000Z", "modified": "2016-12-15T08:27:13.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.187.239']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e2-40f0-4f34-a7bb-4195950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:14.000Z", "modified": "2016-12-15T08:27:14.000Z", "description": "download location", "pattern": "[url:value = 'http://addwords.com.tr/aah6qmhv']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"url\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e2-fe74-4c1e-aca2-4066950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:14.000Z", "modified": "2016-12-15T08:27:14.000Z", "description": "download location", "pattern": "[domain-name:value = 'addwords.com.tr']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--585253e2-b4c8-4578-b59f-455f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2016-12-15T08:27:14.000Z", "modified": "2016-12-15T08:27:14.000Z", "description": "download location", "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.124.3.30']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2016-12-15T08:27:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }