{ "type": "bundle", "id": "bundle--594b8afd-daac-4cf6-8784-4a9b950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:20:01.000Z", "modified": "2017-06-22T09:20:01.000Z", "name": "CIRCL", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--594b8afd-daac-4cf6-8784-4a9b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:20:01.000Z", "modified": "2017-06-22T09:20:01.000Z", "name": "M2M - phishing URLs", "published": "2017-06-22T09:20:15Z", "object_refs": [ "indicator--594b8afe-b328-46f4-9f80-44b8950d210f", "observed-data--594b8afe-e920-4f7a-8678-42bb950d210f", "network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f", "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f", "indicator--594b8aff-6384-4d27-bb37-4b65950d210f", "observed-data--594b8b00-2328-49a4-9c2e-4604950d210f", "network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f", "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f", "indicator--594b8b00-9ed4-4b08-a5d9-452d950d210f", "indicator--594b8b01-0508-49dc-9d57-48a8950d210f", "indicator--594b8b01-e6a4-45b3-af72-4caf950d210f", "indicator--594b8b01-4084-4a80-8f3f-4888950d210f", "indicator--594b8b02-608c-40fb-bf93-496f950d210f", "observed-data--594b8b02-1aa0-4729-9c05-4f71950d210f", "network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f", "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f", "indicator--594b8b02-9f20-4c53-ae11-4565950d210f", "observed-data--594b8b03-9470-41bb-a18f-4fa0950d210f", "network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f", "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f", "indicator--594b8b03-7218-49b6-8d7a-4fc2950d210f", "indicator--594b8b03-83d4-4590-81db-4d60950d210f", "observed-data--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "indicator--594b8b04-1b98-42f3-8d89-47d5950d210f", "observed-data--594b8b04-96ac-4717-89ee-42a1950d210f", "network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f", "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f", "indicator--594b8b04-6c30-4a4d-807c-4dba950d210f", "indicator--594b8b04-1eb4-4241-9d8c-46bd950d210f", "indicator--594b8b05-ba14-4ccd-94ee-4463950d210f", "indicator--594b8b05-e2bc-43e1-b5f4-49f2950d210f", "indicator--594b8b05-fc88-43d8-b442-4fdd950d210f", "indicator--594b8b05-1b5c-4d11-8d2e-43c5950d210f", "indicator--594b8b06-b004-4872-869b-4e42950d210f", "indicator--594b8b06-e214-4456-ae93-43b3950d210f", "indicator--594b8b07-598c-4657-bd36-49e6950d210f", "indicator--594b8b07-d904-4b71-9dc2-434d950d210f", "indicator--594b8b08-a280-4d8f-9e31-47f4950d210f", "indicator--594b8b08-ad60-4deb-a3d7-4e39950d210f", "indicator--594b8b08-1b38-4402-b94c-4b28950d210f", "indicator--594b8b09-6474-4c2a-87ad-425f950d210f", "indicator--594b8b09-77d8-4509-a437-49e6950d210f", "observed-data--594b8b09-91c0-40e0-9d89-48f8950d210f", "network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f", "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f", "indicator--594b8b09-8844-4440-9fbe-4210950d210f", "indicator--594b8b0a-418c-44b5-8a11-4f20950d210f", "indicator--594b8b0a-f688-485a-b888-4d29950d210f", "indicator--594b8b0a-f2ac-4106-8343-449d950d210f", "indicator--594b8b0b-a974-4d27-9dee-4217950d210f", "indicator--594b8b0b-32a4-4b68-999a-448b950d210f", "indicator--594b8b0b-d1bc-475d-8669-4410950d210f", "indicator--594b8b0b-197c-404b-901e-4bf7950d210f", "observed-data--594b8b0c-5084-4296-b4c7-4e86950d210f", "network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f", "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f", "indicator--594b8b0c-20a8-43cd-9b19-4538950d210f", "indicator--594b8b0c-a67c-4023-ab0f-4601950d210f", "indicator--594b8b0c-7100-4c58-8afd-4aac950d210f", "indicator--594b8b0d-8c2c-48c0-923f-4c08950d210f", "indicator--594b8b0d-c164-449f-b30e-4a7d950d210f", "indicator--594b8b0d-056c-4b71-8ca1-48b5950d210f", "indicator--594b8b0e-3734-437b-878c-44ef950d210f", "indicator--594b8b0e-84b8-4090-8003-43f4950d210f", "indicator--594b8b0e-21cc-4298-996e-4bc8950d210f", "indicator--594b8b0f-3d0c-4784-afd0-4178950d210f", "indicator--594b8b0f-4b18-446b-aa67-4d29950d210f", "observed-data--594b8b10-b4d4-4732-b527-4144950d210f", "network-traffic--594b8b10-b4d4-4732-b527-4144950d210f", "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f", "indicator--594b8b10-a498-4572-b2a9-4e4d950d210f", "indicator--594b8b11-d0e8-4489-9e6e-4860950d210f", "indicator--594b8b11-1950-43ba-9061-41c7950d210f", "indicator--594b8b11-9ee0-4aef-82b1-4b1f950d210f", "indicator--594b8b11-0b1c-493e-b42b-4950950d210f", "indicator--594b8b12-1ac4-4c2a-87c9-44bb950d210f", "observed-data--594b8b12-acf0-463b-824f-47e5950d210f", "network-traffic--594b8b12-acf0-463b-824f-47e5950d210f", "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f", "indicator--594b8b12-5678-4bcd-8361-4d30950d210f", "indicator--594b8b13-9f50-4055-a9f0-40a8950d210f", "indicator--594b8b13-9bfc-4353-ba18-4b97950d210f", "indicator--594b8b13-33b0-4cc4-8c07-4f29950d210f", "indicator--594b8b13-15a4-4d48-9e65-4a60950d210f", "indicator--594b8b14-4a5c-4a0c-9413-49a6950d210f", "indicator--594b8b14-0d88-4e48-9d60-48e6950d210f", "indicator--594b8b14-1c88-482a-9995-4a0b950d210f", "indicator--594b8b14-eabc-4771-adf2-419d950d210f", "indicator--594b8b15-9d7c-4323-9fed-478e950d210f", "indicator--594b8b15-67bc-474c-b1cb-4d26950d210f", "indicator--594b8b15-0eb0-4b63-b6f5-4545950d210f", "indicator--594b8b15-955c-4299-a550-4aa7950d210f", "indicator--594b8b16-02fc-4e9b-8630-42e0950d210f", "indicator--594b8b16-25c0-4c78-9668-4363950d210f", "indicator--594b8b16-d71c-42e9-86d7-4c28950d210f", "indicator--594b8b16-d2c8-4a34-a68a-4500950d210f", "indicator--594b8b17-dac4-471f-9360-4ab8950d210f", "indicator--594b8b17-b9f8-44f4-854f-4406950d210f", "indicator--594b8b17-ee20-44ce-9abe-4707950d210f", "indicator--594b8b17-3e14-4b9a-ab9b-4d38950d210f", "indicator--594b8b18-b430-4c5d-bc51-448a950d210f", "indicator--594b8b18-a084-407b-b657-45a4950d210f", "indicator--594b8b18-0c14-41f6-8df4-48e2950d210f", "indicator--594b8b18-3ee0-4df1-9449-4635950d210f", "indicator--594b8b19-224c-44b9-952a-4002950d210f", "indicator--594b8b19-d2b4-4f28-98a4-46dd950d210f", "indicator--594b8b19-fe10-491c-9e90-4255950d210f", "indicator--594b8b1a-1a34-431d-aaf3-4ebd950d210f", "indicator--594b8b1a-d7b0-482a-9c99-4341950d210f", "indicator--594b8b1a-7f04-426c-9ee5-4bc9950d210f", "indicator--594b8b1b-6ce4-430c-b5fd-488a950d210f", "indicator--594b8b1c-0b88-4379-ade9-483b950d210f", "indicator--594b8b1c-d014-482e-be37-4422950d210f", "indicator--594b8b1c-79f8-4940-9dcd-4127950d210f", "indicator--594b8b1d-98c0-4277-8466-47db950d210f", "indicator--594b8b1d-5ae0-4975-bcf6-4037950d210f", "indicator--594b8b1d-8ebc-4c37-bbfa-4e4a950d210f", "indicator--594b8b1e-3c04-491d-8317-4564950d210f", "indicator--594b8b1e-12d8-4ae5-9c85-4f89950d210f", "indicator--594b8b1e-7fa0-46b1-a7e7-45fe950d210f", "indicator--594b8b1e-d054-484b-81fc-4dfe950d210f", "indicator--594b8b1f-1d88-44a7-a5c5-40b4950d210f", "indicator--594b8b1f-cf48-4d9e-9b15-4564950d210f", "indicator--594b8b1f-a50c-47c0-87fb-4e17950d210f", "indicator--594b8b1f-2550-4fdf-a844-4b3c950d210f", "indicator--594b8b20-c6a4-4365-b689-4773950d210f", "indicator--594b8b20-a978-4693-aa5c-4449950d210f", "indicator--594b8b20-13a4-4e7b-b002-4e62950d210f", "indicator--594b8b21-d364-4282-81bd-4f17950d210f", "indicator--594b8b21-c264-4f41-bdf3-49c8950d210f", "indicator--594b8b22-9374-4ebb-9d41-45b8950d210f", "indicator--594b8b22-6d6c-4528-8164-4527950d210f", "indicator--594b8b23-cb00-4290-992f-479f950d210f", "indicator--594b8b23-726c-4642-a32c-4d0f950d210f" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8afe-b328-46f4-9f80-44b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:46.000Z", "modified": "2017-06-22T09:16:46.000Z", "pattern": "[domain-name:value = 'amazon.com-access-update-information-account.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8afe-e920-4f7a-8678-42bb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:46.000Z", "modified": "2017-06-22T09:16:46.000Z", "first_observed": "2017-06-22T09:16:46Z", "last_observed": "2017-06-22T09:16:46Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f", "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8afe-e920-4f7a-8678-42bb950d210f", "dst_ref": "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8afe-e920-4f7a-8678-42bb950d210f", "value": "89.189.197.55" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8aff-6384-4d27-bb37-4b65950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:47.000Z", "modified": "2017-06-22T09:16:47.000Z", "pattern": "[domain-name:value = 'apple.com.centerdisputeinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b00-2328-49a4-9c2e-4604950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:48.000Z", "modified": "2017-06-22T09:16:48.000Z", "first_observed": "2017-06-22T09:16:48Z", "last_observed": "2017-06-22T09:16:48Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f", "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b00-2328-49a4-9c2e-4604950d210f", "dst_ref": "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b00-2328-49a4-9c2e-4604950d210f", "value": "89.189.197.24" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b00-9ed4-4b08-a5d9-452d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:48.000Z", "modified": "2017-06-22T09:16:48.000Z", "pattern": "[domain-name:value = 'apple.com.helpserviceinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b01-0508-49dc-9d57-48a8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:49.000Z", "modified": "2017-06-22T09:16:49.000Z", "pattern": "[domain-name:value = 'apple.com.verificationaccountsummary.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b01-e6a4-45b3-af72-4caf950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:49.000Z", "modified": "2017-06-22T09:16:49.000Z", "pattern": "[domain-name:value = 'apple.com.websitesigninserviceinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b01-4084-4a80-8f3f-4888950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:49.000Z", "modified": "2017-06-22T09:16:49.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.cancellation-fraud-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b02-608c-40fb-bf93-496f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:50.000Z", "modified": "2017-06-22T09:16:50.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.cancellation-payment-fraud.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b02-1aa0-4729-9c05-4f71950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:50.000Z", "modified": "2017-06-22T09:16:50.000Z", "first_observed": "2017-06-22T09:16:50Z", "last_observed": "2017-06-22T09:16:50Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f", "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b02-1aa0-4729-9c05-4f71950d210f", "dst_ref": "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b02-1aa0-4729-9c05-4f71950d210f", "value": "103.224.212.192" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b02-9f20-4c53-ae11-4565950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:50.000Z", "modified": "2017-06-22T09:16:50.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.cancel-order-fraud.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b03-9470-41bb-a18f-4fa0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:51.000Z", "modified": "2017-06-22T09:16:51.000Z", "first_observed": "2017-06-22T09:16:51Z", "last_observed": "2017-06-22T09:16:51Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f", "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b03-9470-41bb-a18f-4fa0950d210f", "dst_ref": "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b03-9470-41bb-a18f-4fa0950d210f", "value": "103.224.212.185" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b03-7218-49b6-8d7a-4fc2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:51.000Z", "modified": "2017-06-22T09:16:51.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.cancel-payment-fraud.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b03-83d4-4590-81db-4d60950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:51.000Z", "modified": "2017-06-22T09:16:51.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.payment-cancellation-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:51.000Z", "modified": "2017-06-22T09:16:51.000Z", "first_observed": "2017-06-22T09:16:51Z", "last_observed": "2017-06-22T09:16:51Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "dst_ref": "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b03-c8ac-4fe0-bf9b-4dec950d210f", "value": "103.224.212.193" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b04-1b98-42f3-8d89-47d5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:52.000Z", "modified": "2017-06-22T09:16:52.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.payment-cancel-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b04-96ac-4717-89ee-42a1950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:52.000Z", "modified": "2017-06-22T09:16:52.000Z", "first_observed": "2017-06-22T09:16:52Z", "last_observed": "2017-06-22T09:16:52Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f", "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b04-96ac-4717-89ee-42a1950d210f", "dst_ref": "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b04-96ac-4717-89ee-42a1950d210f", "value": "103.224.212.186" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b04-6c30-4a4d-807c-4dba950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:52.000Z", "modified": "2017-06-22T09:16:52.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.refundable-payment-client.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b04-1eb4-4241-9d8c-46bd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:52.000Z", "modified": "2017-06-22T09:16:52.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.refund-payment-client.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b05-ba14-4ccd-94ee-4463950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:53.000Z", "modified": "2017-06-22T09:16:53.000Z", "pattern": "[domain-name:value = 'appleid.apple.com.refund-payment-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b05-e2bc-43e1-b5f4-49f2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:53.000Z", "modified": "2017-06-22T09:16:53.000Z", "pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b05-fc88-43d8-b442-4fdd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:53.000Z", "modified": "2017-06-22T09:16:53.000Z", "pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b05-1b5c-4d11-8d2e-43c5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:53.000Z", "modified": "2017-06-22T09:16:53.000Z", "pattern": "[domain-name:value = 'appleid.apple.com-access-account-update.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b06-b004-4872-869b-4e42950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:54.000Z", "modified": "2017-06-22T09:16:54.000Z", "pattern": "[domain-name:value = 'appleid.apple.com-access-unlock-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b06-e214-4456-ae93-43b3950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:54.000Z", "modified": "2017-06-22T09:16:54.000Z", "pattern": "[domain-name:value = 'authorized-signattempt.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b07-598c-4657-bd36-49e6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:55.000Z", "modified": "2017-06-22T09:16:55.000Z", "pattern": "[domain-name:value = 'cancellation-fraud-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b07-d904-4b71-9dc2-434d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:55.000Z", "modified": "2017-06-22T09:16:55.000Z", "pattern": "[domain-name:value = 'cancellation-payment-fraud.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:55Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b08-a280-4d8f-9e31-47f4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:56.000Z", "modified": "2017-06-22T09:16:56.000Z", "pattern": "[domain-name:value = 'cancel-order-fraud.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b08-ad60-4deb-a3d7-4e39950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:56.000Z", "modified": "2017-06-22T09:16:56.000Z", "pattern": "[domain-name:value = 'cloud-line-vision.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b08-1b38-4402-b94c-4b28950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:56.000Z", "modified": "2017-06-22T09:16:56.000Z", "pattern": "[domain-name:value = 'com-acces-accounts-limit.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:56Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b09-6474-4c2a-87ad-425f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:57.000Z", "modified": "2017-06-22T09:16:57.000Z", "pattern": "[domain-name:value = 'com-access-account-limit.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b09-77d8-4509-a437-49e6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:57.000Z", "modified": "2017-06-22T09:16:57.000Z", "pattern": "[domain-name:value = 'com-access-account-limit.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b09-91c0-40e0-9d89-48f8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:57.000Z", "modified": "2017-06-22T09:16:57.000Z", "first_observed": "2017-06-22T09:16:57Z", "last_observed": "2017-06-22T09:16:57Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f", "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b09-91c0-40e0-9d89-48f8950d210f", "dst_ref": "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b09-91c0-40e0-9d89-48f8950d210f", "value": "195.20.50.201" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b09-8844-4440-9fbe-4210950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:57.000Z", "modified": "2017-06-22T09:16:57.000Z", "pattern": "[domain-name:value = 'com-access-account-limit.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:57Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0a-418c-44b5-8a11-4f20950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:58.000Z", "modified": "2017-06-22T09:16:58.000Z", "pattern": "[domain-name:value = 'com-access-account-limit.tk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0a-f688-485a-b888-4d29950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:58.000Z", "modified": "2017-06-22T09:16:58.000Z", "pattern": "[domain-name:value = 'com-access-account-update.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0a-f2ac-4106-8343-449d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:58.000Z", "modified": "2017-06-22T09:16:58.000Z", "pattern": "[domain-name:value = 'com-access-account-update.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:58Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0b-a974-4d27-9dee-4217950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:59.000Z", "modified": "2017-06-22T09:16:59.000Z", "pattern": "[domain-name:value = 'com-access-account-update.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0b-32a4-4b68-999a-448b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:59.000Z", "modified": "2017-06-22T09:16:59.000Z", "pattern": "[domain-name:value = 'com-access-unlock-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0b-d1bc-475d-8669-4410950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:59.000Z", "modified": "2017-06-22T09:16:59.000Z", "pattern": "[domain-name:value = 'com-access-update-account.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0b-197c-404b-901e-4bf7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:16:59.000Z", "modified": "2017-06-22T09:16:59.000Z", "pattern": "[domain-name:value = 'com-access-update-information-account.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:16:59Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b0c-5084-4296-b4c7-4e86950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:00.000Z", "modified": "2017-06-22T09:17:00.000Z", "first_observed": "2017-06-22T09:17:00Z", "last_observed": "2017-06-22T09:17:00Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f", "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b0c-5084-4296-b4c7-4e86950d210f", "dst_ref": "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b0c-5084-4296-b4c7-4e86950d210f", "value": "195.20.51.31" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0c-20a8-43cd-9b19-4538950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:00.000Z", "modified": "2017-06-22T09:17:00.000Z", "pattern": "[domain-name:value = 'com-access-update-information-account.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0c-a67c-4023-ab0f-4601950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:00.000Z", "modified": "2017-06-22T09:17:00.000Z", "pattern": "[domain-name:value = 'com-access-update-limits-account.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0c-7100-4c58-8afd-4aac950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:00.000Z", "modified": "2017-06-22T09:17:00.000Z", "pattern": "[domain-name:value = 'com-access-update-limits-account.tk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:00Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0d-8c2c-48c0-923f-4c08950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:01.000Z", "modified": "2017-06-22T09:17:01.000Z", "pattern": "[domain-name:value = 'com-idicloud-issues-login-from-other-device-please-chek.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0d-c164-449f-b30e-4a7d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:01.000Z", "modified": "2017-06-22T09:17:01.000Z", "pattern": "[domain-name:value = 'com-update-account-notifications.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0d-056c-4b71-8ca1-48b5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:01.000Z", "modified": "2017-06-22T09:17:01.000Z", "pattern": "[domain-name:value = 'com-update-account-notifications.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:01Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0e-3734-437b-878c-44ef950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:02.000Z", "modified": "2017-06-22T09:17:02.000Z", "pattern": "[domain-name:value = 'com-update-accounts.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0e-84b8-4090-8003-43f4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:02.000Z", "modified": "2017-06-22T09:17:02.000Z", "pattern": "[domain-name:value = 'com-update-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0e-21cc-4298-996e-4bc8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:02.000Z", "modified": "2017-06-22T09:17:02.000Z", "pattern": "[domain-name:value = 'configureservicebillinginformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:02Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0f-3d0c-4784-afd0-4178950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:03.000Z", "modified": "2017-06-22T09:17:03.000Z", "pattern": "[domain-name:value = 'configureservicebillinginformationwebapps.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b0f-4b18-446b-aa67-4d29950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:03.000Z", "modified": "2017-06-22T09:17:03.000Z", "pattern": "[domain-name:value = 'confirmation-infomation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:03Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b10-b4d4-4732-b527-4144950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:04.000Z", "modified": "2017-06-22T09:17:04.000Z", "first_observed": "2017-06-22T09:17:04Z", "last_observed": "2017-06-22T09:17:04Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b10-b4d4-4732-b527-4144950d210f", "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b10-b4d4-4732-b527-4144950d210f", "dst_ref": "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b10-b4d4-4732-b527-4144950d210f", "value": "45.33.9.234" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b10-a498-4572-b2a9-4e4d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:04.000Z", "modified": "2017-06-22T09:17:04.000Z", "pattern": "[domain-name:value = 'confirmation-secure.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:04Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b11-d0e8-4489-9e6e-4860950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:05.000Z", "modified": "2017-06-22T09:17:05.000Z", "pattern": "[domain-name:value = 'confirmation-services.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b11-1950-43ba-9061-41c7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:05.000Z", "modified": "2017-06-22T09:17:05.000Z", "pattern": "[domain-name:value = 'confirmation-transaction.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b11-9ee0-4aef-82b1-4b1f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:05.000Z", "modified": "2017-06-22T09:17:05.000Z", "pattern": "[domain-name:value = 'helpserviceinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b11-0b1c-493e-b42b-4950950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:05.000Z", "modified": "2017-06-22T09:17:05.000Z", "pattern": "[domain-name:value = 'payment-cancellation-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:05Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b12-1ac4-4c2a-87c9-44bb950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:06.000Z", "modified": "2017-06-22T09:17:06.000Z", "pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--594b8b12-acf0-463b-824f-47e5950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:06.000Z", "modified": "2017-06-22T09:17:06.000Z", "first_observed": "2017-06-22T09:17:06Z", "last_observed": "2017-06-22T09:17:06Z", "number_observed": 1, "object_refs": [ "network-traffic--594b8b12-acf0-463b-824f-47e5950d210f", "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f" ], "labels": [ "misp:type=\"ip-dst\"", "misp:category=\"Network activity\"" ] }, { "type": "network-traffic", "spec_version": "2.1", "id": "network-traffic--594b8b12-acf0-463b-824f-47e5950d210f", "dst_ref": "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f", "protocols": [ "tcp" ] }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--594b8b12-acf0-463b-824f-47e5950d210f", "value": "89.189.197.18" }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b12-5678-4bcd-8361-4d30950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:06.000Z", "modified": "2017-06-22T09:17:06.000Z", "pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:06Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b13-9f50-4055-a9f0-40a8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:07.000Z", "modified": "2017-06-22T09:17:07.000Z", "pattern": "[domain-name:value = 'paypal.com.access-accounts-limit.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b13-9bfc-4353-ba18-4b97950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:07.000Z", "modified": "2017-06-22T09:17:07.000Z", "pattern": "[domain-name:value = 'paypal.com.access-update-limit-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b13-33b0-4cc4-8c07-4f29950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:07.000Z", "modified": "2017-06-22T09:17:07.000Z", "pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b13-15a4-4d48-9e65-4a60950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:07.000Z", "modified": "2017-06-22T09:17:07.000Z", "pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:07Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b14-4a5c-4a0c-9413-49a6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:08.000Z", "modified": "2017-06-22T09:17:08.000Z", "pattern": "[domain-name:value = 'paypal.com-acces-accounts-limit.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b14-0d88-4e48-9d60-48e6950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:08.000Z", "modified": "2017-06-22T09:17:08.000Z", "pattern": "[domain-name:value = 'paypal.com-access-account-limit.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b14-1c88-482a-9995-4a0b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:08.000Z", "modified": "2017-06-22T09:17:08.000Z", "pattern": "[domain-name:value = 'paypal.com-access-account-limit.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b14-eabc-4771-adf2-419d950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:08.000Z", "modified": "2017-06-22T09:17:08.000Z", "pattern": "[domain-name:value = 'paypal.com-access-account-limit.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:08Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b15-9d7c-4323-9fed-478e950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:09.000Z", "modified": "2017-06-22T09:17:09.000Z", "pattern": "[domain-name:value = 'paypal.com-access-account-limit.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b15-67bc-474c-b1cb-4d26950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:09.000Z", "modified": "2017-06-22T09:17:09.000Z", "pattern": "[domain-name:value = 'paypal.com-access-account-limit.tk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b15-0eb0-4b63-b6f5-4545950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:09.000Z", "modified": "2017-06-22T09:17:09.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-account.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b15-955c-4299-a550-4aa7950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:09.000Z", "modified": "2017-06-22T09:17:09.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-account.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:09Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b16-02fc-4e9b-8630-42e0950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:10.000Z", "modified": "2017-06-22T09:17:10.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-accounts.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b16-25c0-4c78-9668-4363950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:10.000Z", "modified": "2017-06-22T09:17:10.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-accounts.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b16-d71c-42e9-86d7-4c28950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:10.000Z", "modified": "2017-06-22T09:17:10.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-accounts.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b16-d2c8-4a34-a68a-4500950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:10.000Z", "modified": "2017-06-22T09:17:10.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:10Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b17-dac4-471f-9360-4ab8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:11.000Z", "modified": "2017-06-22T09:17:11.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-info-account.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b17-b9f8-44f4-854f-4406950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:11.000Z", "modified": "2017-06-22T09:17:11.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b17-ee20-44ce-9abe-4707950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:11.000Z", "modified": "2017-06-22T09:17:11.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b17-3e14-4b9a-ab9b-4d38950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:11.000Z", "modified": "2017-06-22T09:17:11.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b18-b430-4c5d-bc51-448a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:12.000Z", "modified": "2017-06-22T09:17:12.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b18-a084-407b-b657-45a4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:12.000Z", "modified": "2017-06-22T09:17:12.000Z", "pattern": "[domain-name:value = 'paypal.com-access-update-limits-account.tk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b18-0c14-41f6-8df4-48e2950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:12.000Z", "modified": "2017-06-22T09:17:12.000Z", "pattern": "[domain-name:value = 'paypal.com-update-account-notifications.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b18-3ee0-4df1-9449-4635950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:12.000Z", "modified": "2017-06-22T09:17:12.000Z", "pattern": "[domain-name:value = 'paypal.com-update-account-notifications.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b19-224c-44b9-952a-4002950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:13.000Z", "modified": "2017-06-22T09:17:13.000Z", "pattern": "[domain-name:value = 'paypal.com-update-account-notifications.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b19-d2b4-4f28-98a4-46dd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:13.000Z", "modified": "2017-06-22T09:17:13.000Z", "pattern": "[domain-name:value = 'paypal.com-update-account-notifications.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b19-fe10-491c-9e90-4255950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:13.000Z", "modified": "2017-06-22T09:17:13.000Z", "pattern": "[domain-name:value = 'paypal.com-update-accounts.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:13Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1a-1a34-431d-aaf3-4ebd950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:14.000Z", "modified": "2017-06-22T09:17:14.000Z", "pattern": "[domain-name:value = 'paypal.com-update-accounts.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1a-d7b0-482a-9c99-4341950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:14.000Z", "modified": "2017-06-22T09:17:14.000Z", "pattern": "[domain-name:value = 'paypal.com-update-accounts.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1a-7f04-426c-9ee5-4bc9950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:14.000Z", "modified": "2017-06-22T09:17:14.000Z", "pattern": "[domain-name:value = 'redirect-to-secure.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1b-6ce4-430c-b5fd-488a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:15.000Z", "modified": "2017-06-22T09:17:15.000Z", "pattern": "[domain-name:value = 'redirect-to-secure.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:15Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1c-0b88-4379-ade9-483b950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:16.000Z", "modified": "2017-06-22T09:17:16.000Z", "pattern": "[domain-name:value = 'redirect-to-secure.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1c-d014-482e-be37-4422950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:16.000Z", "modified": "2017-06-22T09:17:16.000Z", "pattern": "[domain-name:value = 'redirect-to-summary.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1c-79f8-4940-9dcd-4127950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:16.000Z", "modified": "2017-06-22T09:17:16.000Z", "pattern": "[domain-name:value = 'redirect-to-summary.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:16Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1d-98c0-4277-8466-47db950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:17.000Z", "modified": "2017-06-22T09:17:17.000Z", "pattern": "[domain-name:value = 'redirect-to-update.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1d-5ae0-4975-bcf6-4037950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:17.000Z", "modified": "2017-06-22T09:17:17.000Z", "pattern": "[domain-name:value = 'redirect-to-update.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1d-8ebc-4c37-bbfa-4e4a950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:17.000Z", "modified": "2017-06-22T09:17:17.000Z", "pattern": "[domain-name:value = 'refundable-payment-cancel.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:17Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1e-3c04-491d-8317-4564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:18.000Z", "modified": "2017-06-22T09:17:18.000Z", "pattern": "[domain-name:value = 'refundable-payment-client.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1e-12d8-4ae5-9c85-4f89950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:18.000Z", "modified": "2017-06-22T09:17:18.000Z", "pattern": "[domain-name:value = 'refundable-payment-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1e-7fa0-46b1-a7e7-45fe950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:18.000Z", "modified": "2017-06-22T09:17:18.000Z", "pattern": "[domain-name:value = 'refund-payment-client.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1e-d054-484b-81fc-4dfe950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:18.000Z", "modified": "2017-06-22T09:17:18.000Z", "pattern": "[domain-name:value = 'refund-payment-order.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:18Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1f-1d88-44a7-a5c5-40b4950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:19.000Z", "modified": "2017-06-22T09:17:19.000Z", "pattern": "[domain-name:value = 'security-linked.cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1f-cf48-4d9e-9b15-4564950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:19.000Z", "modified": "2017-06-22T09:17:19.000Z", "pattern": "[domain-name:value = 'security-linked.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1f-a50c-47c0-87fb-4e17950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:19.000Z", "modified": "2017-06-22T09:17:19.000Z", "pattern": "[domain-name:value = 'security-linked.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b1f-2550-4fdf-a844-4b3c950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:19.000Z", "modified": "2017-06-22T09:17:19.000Z", "pattern": "[domain-name:value = 'security-measure.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:19Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b20-c6a4-4365-b689-4773950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:20.000Z", "modified": "2017-06-22T09:17:20.000Z", "pattern": "[domain-name:value = 'security-measure.gq']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b20-a978-4693-aa5c-4449950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:20.000Z", "modified": "2017-06-22T09:17:20.000Z", "pattern": "[domain-name:value = 'security-measure.ml']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b20-13a4-4e7b-b002-4e62950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:20.000Z", "modified": "2017-06-22T09:17:20.000Z", "pattern": "[domain-name:value = 'service-ppay.info']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:20Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b21-d364-4282-81bd-4f17950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:21.000Z", "modified": "2017-06-22T09:17:21.000Z", "pattern": "[domain-name:value = 'servicewebappsinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b21-c264-4f41-bdf3-49c8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:21.000Z", "modified": "2017-06-22T09:17:21.000Z", "pattern": "[domain-name:value = 'squad-elipsce-line.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:21Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b22-9374-4ebb-9d41-45b8950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:22.000Z", "modified": "2017-06-22T09:17:22.000Z", "pattern": "[domain-name:value = 'user-inc-activation.ga']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b22-6d6c-4528-8164-4527950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:22.000Z", "modified": "2017-06-22T09:17:22.000Z", "pattern": "[domain-name:value = 'websitesigninserviceinformation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b23-cb00-4290-992f-479f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:23.000Z", "modified": "2017-06-22T09:17:23.000Z", "pattern": "[domain-name:value = 'www.confirmation-infomation.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--594b8b23-726c-4642-a32c-4d0f950d210f", "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f", "created": "2017-06-22T09:17:23.000Z", "modified": "2017-06-22T09:17:23.000Z", "pattern": "[domain-name:value = 'www.confirmation-services.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2017-06-22T09:17:23Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"hostname\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }