{ "type": "bundle", "id": "bundle--5a8d2377-208c-4330-908f-4818950d210f", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2020-08-03T06:39:01.000Z", "modified": "2020-08-03T06:39:01.000Z", "name": "CthulhuSPRL.be", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5a8d2377-208c-4330-908f-4818950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2020-08-03T06:39:01.000Z", "modified": "2020-08-03T06:39:01.000Z", "name": "A Slice of 2017 Sofacy Activity by Kaspersky", "published": "2020-08-03T06:40:27Z", "object_refs": [ "observed-data--5a8d2384-c8c0-40c3-ac89-4248950d210f", "url--5a8d2384-c8c0-40c3-ac89-4248950d210f", "vulnerability--5a8d2406-6cd8-4f08-b88a-4923950d210f", "vulnerability--5a8d2406-7d74-4a27-b345-4012950d210f", "indicator--5a8d244a-4164-4110-9631-4986950d210f", "indicator--5a8d244a-6b4c-4b2e-a136-4a37950d210f", "indicator--5a8d244a-8788-452b-9aa6-4dc0950d210f", "indicator--5a8d244a-91cc-47bf-9982-47bb950d210f", "indicator--5a8d244a-c4b0-47e1-a865-4da8950d210f", "indicator--5a8d244a-f988-4d20-9489-43c4950d210f", "indicator--5a8d244a-2118-456d-a8a9-4ec9950d210f", "indicator--5a8d244a-67e8-4fdb-89a5-4640950d210f", "indicator--5a8d244a-bd2c-4165-a340-470d950d210f", "indicator--5a8d244a-152c-4094-801f-4834950d210f", "indicator--5a8d244a-5b98-425b-8ba1-456f950d210f", "indicator--5a8d244a-9070-4c8c-bf61-489b950d210f", "indicator--5a8d244a-acac-48bf-b211-4ae1950d210f", "indicator--5a8d244a-bec0-4aec-af87-4e82950d210f", "indicator--5a8d244a-d458-4a4c-bb8b-4895950d210f", "indicator--5a8d244a-f4e0-40a9-bd34-40f6950d210f", "indicator--5a8d244a-06f4-4586-90c8-4568950d210f", "indicator--5a8d244a-1e80-4142-ac23-4aed950d210f", "indicator--5a8d244a-5f10-4cbc-9e58-42a9950d210f", "indicator--5a8d244a-8e0c-4e70-9c38-4901950d210f", "indicator--5a8d244a-b1b4-442b-becf-452f950d210f", "indicator--5a8d244a-fa14-43f6-a905-4a61950d210f", "indicator--5a8d244a-2b04-41a7-be9f-4920950d210f", "indicator--5a8d244a-729c-41eb-bd61-4324950d210f", "indicator--5a8d244a-9a2c-4d6d-92ba-4ad5950d210f", "indicator--5a8d244a-e3b8-4a7a-882d-4907950d210f", "indicator--5a8d244a-18f4-4c3f-bdf1-432a950d210f", "indicator--5a8d244a-66cc-4660-be54-4e1d950d210f", "indicator--5a8d244a-962c-48b5-b1fb-4077950d210f", "indicator--5a8d244a-e01c-446a-bb5d-4434950d210f", "indicator--5a8d244a-174c-4b80-965c-4b8c950d210f", "indicator--5a8d244a-771c-4a79-8a8e-45fc950d210f", "indicator--5a8d244a-b554-4488-a976-4a5f950d210f", "indicator--5a8d244a-019c-4c11-ae6a-46bf950d210f", "indicator--5a8d244a-1f04-49ae-99cf-4f75950d210f", "indicator--5a8d244a-52b0-43e1-8923-4d18950d210f", "indicator--5a8d244a-6dc0-40cd-8914-477d950d210f", "indicator--5a8d244a-7034-4b89-97fa-4785950d210f", "indicator--5a8d244a-8054-44f1-819d-4de2950d210f", "indicator--5a8d244a-a1a4-4b43-9be2-402d950d210f", "indicator--5a8d244a-a47c-4a00-8f6e-4384950d210f", "indicator--5a8d244a-a9ac-4741-8fec-4136950d210f", "indicator--5a8d244a-b968-4b78-8cae-4bbe950d210f", "indicator--5a8d244a-abd8-4a59-aa77-4564950d210f", "indicator--5a8d244a-9eac-4f73-b5f8-45bb950d210f", "indicator--5a8d244a-9248-4b5d-b97c-468e950d210f", "indicator--5a8d244a-8a94-4392-b470-4292950d210f", "indicator--5a8d244a-7660-4f3b-b3fa-4183950d210f", "indicator--5a8d244a-6b28-405f-b280-450c950d210f", "indicator--5a8d244a-64a0-4112-8110-4ff3950d210f", "indicator--5a8d244a-a7ec-48cf-80d5-431d950d210f", "indicator--5a8d244a-ca04-4144-b1fe-41c6950d210f", "indicator--5a8d244a-d448-4e3c-bbc4-4ada950d210f", "indicator--5a8d244a-eb70-41ea-82d9-4fc5950d210f", "indicator--5a8d244a-1fe4-42ce-9c45-4b43950d210f", "indicator--5a8d24ce-99c4-49a4-b98c-4b0a950d210f", "indicator--5a8d24cf-4040-4fe9-a83b-4759950d210f", "indicator--5a8d24cf-03a4-41b5-b0a5-48ca950d210f", "indicator--5a8d24d0-0ce8-47cf-b988-47ad950d210f", "indicator--5a8d24d0-ae38-40ad-8fb7-42ed950d210f", "indicator--5a8d24d0-65fc-45fe-a819-4194950d210f", "indicator--5a8d24d1-9fe4-48ac-92c4-4032950d210f", "indicator--5a8d24d1-f2e8-4f4b-aedd-45e3950d210f", "indicator--5a8d24d1-9044-4e35-a69b-4ed5950d210f", "indicator--5a8d24d2-4788-43b0-85f3-4c17950d210f", "indicator--5a8d24d2-f15c-4c5f-99d4-4187950d210f", "indicator--5a8d24d3-34ac-47e5-8f63-47e3950d210f", "indicator--5a8d24d3-77a8-4194-a948-4a8e950d210f", "indicator--5a8d24d3-11e0-4f5e-abb0-4ec6950d210f", "indicator--5a8d24d4-b964-4d38-9de8-42ec950d210f", "indicator--5a8d24d4-4590-48e2-a9a7-4f00950d210f", "indicator--5a8d24d5-36ec-4aac-bae4-4c3f950d210f", "indicator--5a8d24d5-102c-4e72-9a6c-4738950d210f", "indicator--5a8d24d5-9828-4754-8c1a-44fc950d210f", "indicator--5a8d24d6-ebec-4fde-8eb8-4fea950d210f", "indicator--5a8d24d6-cec8-4e3e-bef9-4e73950d210f", "indicator--5a8d24d6-c09c-4628-90e3-4374950d210f", "indicator--5a8d24d7-8a18-46ea-8483-4fb6950d210f", "indicator--5a8d24d7-d680-4c88-aa2f-4c39950d210f", "indicator--5a8d24d8-b19c-4e65-8415-4710950d210f", "indicator--5a8d24d8-b8b0-4731-a87c-428a950d210f", "indicator--5a8d24d8-4978-41f5-b523-4abd950d210f", "indicator--5a8d24d9-ff34-48a9-b709-4a84950d210f", "indicator--5a8d24d9-1968-4616-8dfd-488a950d210f", "indicator--5a8d24d9-0088-40b4-ae61-4521950d210f", "indicator--5a8d24da-90f0-408d-9512-47f6950d210f", "indicator--5a8d24da-aa2c-4c86-bcc7-4941950d210f", "indicator--5a8d24db-0bac-4a89-83a8-4ffc950d210f", "indicator--5a8d24db-faec-476e-b340-4c9a950d210f", "indicator--5a8d24db-d7bc-4e75-8d4b-4ef5950d210f", "indicator--5a8d24dc-b5d4-4aa0-9261-4df3950d210f", "indicator--5a8d24dc-4804-4756-a80d-4d9a950d210f", "indicator--5a8d24dd-6c1c-4b56-a267-42f4950d210f", "indicator--5a8d24de-3254-4a47-a2ea-4421950d210f", "indicator--5a980043-2c20-450d-bc03-0d490a950b0d", "indicator--5a980032-9854-4d56-a880-0a3f0a950b0d" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "misp-galaxy:microsoft-activity-group=\"STRONTIUM\"", "misp-galaxy:threat-actor=\"Sofacy\"", "APT", "Threat Type:APT", "osint:source-type=\"blog-post\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5a8d2384-c8c0-40c3-ac89-4248950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:45:07.000Z", "modified": "2018-02-21T07:45:07.000Z", "first_observed": "2018-02-21T07:45:07Z", "last_observed": "2018-02-21T07:45:07Z", "number_observed": 1, "object_refs": [ "url--5a8d2384-c8c0-40c3-ac89-4248950d210f" ], "labels": [ "misp:type=\"link\"", "misp:category=\"External analysis\"" ] }, { "type": "url", "spec_version": "2.1", "id": "url--5a8d2384-c8c0-40c3-ac89-4248950d210f", "value": "https://securelist.com/a-slice-of-2017-sofacy-activity/83930/" }, { "type": "vulnerability", "spec_version": "2.1", "id": "vulnerability--5a8d2406-6cd8-4f08-b88a-4923950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:47:18.000Z", "modified": "2018-02-21T07:47:18.000Z", "name": "CVE-2017-0262", "labels": [ "misp:type=\"vulnerability\"", "misp:category=\"External analysis\"" ], "external_references": [ { "source_name": "cve", "external_id": "CVE-2017-0262" } ] }, { "type": "vulnerability", "spec_version": "2.1", "id": "vulnerability--5a8d2406-7d74-4a27-b345-4012950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:47:18.000Z", "modified": "2018-02-21T07:47:18.000Z", "name": "CVE-2017-0263", "labels": [ "misp:type=\"vulnerability\"", "misp:category=\"External analysis\"" ], "external_references": [ { "source_name": "cve", "external_id": "CVE-2017-0263" } ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-4164-4110-9631-4986950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '66b4fb539806ce27be184b6735584339']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-6b4c-4b2e-a136-4a37950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'e8e1fcf757fe06be13bead43eaa1338c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-8788-452b-9aa6-4dc0950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '953c7321c4959655fdd53302550ce02d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-91cc-47bf-9982-47bb950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'aa2aac4606405d61c7e53140d35d7671']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-c4b0-47e1-a865-4da8950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '85cd38f9e2c9397a18013a8921841a04']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-f988-4d20-9489-43c4950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '57601d717fcf358220340675f8d63c8a']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-2118-456d-a8a9-4ec9950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '16e1ca26bc66e30bfa52f8a08846613d']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-67e8-4fdb-89a5-4640950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'f8e92d8b5488ea76c40601c8f1a08790']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-bd2c-4165-a340-470d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'b137c809e3bf11f2f5d867a6f4215f95']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-152c-4094-801f-4834950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '237e6dcbc6af50ef5f5211818522c463']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-5b98-425b-8ba1-456f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '88009adca35560810ec220544e4fb6aa']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-9070-4c8c-bf61-489b950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '2163a33330ae5786d3e984db09b2d9d2']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-acac-48bf-b211-4ae1950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '02b79c468c38c4312429a499fa4f6c81']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-bec0-4aec-af87-4e82950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '842454b48f5f800029946b1555fba7fc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-d458-4a4c-bb8b-4895950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'b88633376fbb144971dcb503f72fd192']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-f4e0-40a9-bd34-40f6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '8f9f697aa6697acee70336f66f295837']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-06f4-4586-90c8-4568950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'b6f77273cbde76896a36e32b0c0540e1']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-1e80-4142-ac23-4aed950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '1421419d1be31f1f9ea60e8ed87277db']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-5f10-4cbc-9e58-42a9950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '1a4b9a6b321da199aa6d10180e889313']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-8e0c-4e70-9c38-4901950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '9b10685b774a783eabfecdb6119a8aa3']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-b1b4-442b-becf-452f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'aa34fb2e5849bff4144a1c98a8158970']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-fa14-43f6-a905-4a61950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'aced5525ba0d4f44ffd01c4db2730a34']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-2b04-41a7-be9f-4920950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'b1d1a2c64474d2f6e7a5db71ccbafa31']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-729c-41eb-bd61-4324950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'b924ff83d9120d934bb49a7a2e3c4292']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-9a2c-4d6d-92ba-4ad5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'cdb58c2999eeda58a9d0c70f910d1195']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-e3b8-4a7a-882d-4907950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'd4a5d44184333442f5015699c2b8af28']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-18f4-4c3f-bdf1-432a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'd6f2bf2066e053e58fe8bcd39cb2e9ad']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-66cc-4660-be54-4e1d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '34dc9a69f33ba93e631cd5048d9f2624']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-962c-48b5-b1fb-4077950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '1c6f8eba504f2f429abf362626545c79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-e01c-446a-bb5d-4434950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '139c9ac0776804714ebe8b8d35a04641']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-174c-4b80-965c-4b8c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'e228cd74103dc069663bb87d4f22d7d5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-771c-4a79-8a8e-45fc950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'bed5bc0a8aae2662ea5d2484f80c1760']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-b554-4488-a976-4a5f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '8c3f5f1fff999bc783062dd50357be79']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-019c-4c11-ae6a-46bf950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '5882a8dd4446abd137c05d2451b85fea']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-1f04-49ae-99cf-4f75950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '296c956fe429cedd1b64b78e66797122']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-52b0-43e1-8923-4d18950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '82f06d7157dd28a75f1fbb47728aea25']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-6dc0-40cd-8914-477d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '9a975e0ddd32c0deef1318c485358b20']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-7034-4b89-97fa-4785950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '529424eae07677834a770aaa431e6c54']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-8054-44f1-819d-4de2950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '4cafde8fa7d9e67194d4edd4f2adb92b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-a1a4-4b43-9be2-402d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'f6b2ef4daf1b78802548d3e6d4de7ba7']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-a47c-4a00-8f6e-4384950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'ede5d82bb6775a9b1659dccb699fadcb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-a9ac-4741-8fec-4136950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '116d2fc1665ce7524826a624be0ded1c']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-b968-4b78-8cae-4bbe950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '20ff290b8393f006eaf4358f09f13e99']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-abd8-4a59-aa77-4564950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '4b02dfdfd44df3c88b0ca8c2327843a4']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-9eac-4f73-b5f8-45bb950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'c789ec7537e300411d523aef74407a5e']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-9248-4b5d-b97c-468e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '0b32e65caf653d77cab2a866ee2d9dbc']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-8a94-4392-b470-4292950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '27faa10d1bec1a25f66e88645c695016']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-7660-4f3b-b3fa-4183950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '647edddf61954822ddb7ab3341f9a6c5']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-6b28-405f-b280-450c950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '2f04b8eb993ca4a3d98607824a10acfb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-64a0-4112-8110-4ff3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '9fe3a0fb3304d749aeed2c3e2e5787eb']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-a7ec-48cf-80d5-431d950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '62deab0e5d61d6bf9e0ba83d9e1d7e2b']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-ca04-4144-b1fe-41c6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '86b607fe63c76b3d808f84969cb1a781']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-d448-4e3c-bbc4-4ada950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'f62182cf0ab94b3c97b0261547dfc6cf']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-eb70-41ea-82d9-4fc5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = '504182aaa5575bb38bf584839beb6d51']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d244a-1fe4-42ce-9c45-4b43950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:48:26.000Z", "modified": "2018-02-21T07:48:26.000Z", "pattern": "[file:hashes.MD5 = 'd79a21970cad03e22440ea66bd85931f']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:48:26Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "External analysis" } ], "labels": [ "misp:type=\"md5\"", "misp:category=\"External analysis\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24ce-99c4-49a4-b98c-4b0a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:38.000Z", "modified": "2018-02-21T07:50:38.000Z", "pattern": "[domain-name:value = 'nethostnet.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:38Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24cf-4040-4fe9-a83b-4759950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:39.000Z", "modified": "2018-02-21T07:50:39.000Z", "pattern": "[domain-name:value = 'hostsvcnet.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24cf-03a4-41b5-b0a5-48ca950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:39.000Z", "modified": "2018-02-21T07:50:39.000Z", "pattern": "[domain-name:value = 'etcrem.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d0-0ce8-47cf-b988-47ad950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:40.000Z", "modified": "2018-02-21T07:50:40.000Z", "pattern": "[domain-name:value = 'movieultimate.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d0-ae38-40ad-8fb7-42ed950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:40.000Z", "modified": "2018-02-21T07:50:40.000Z", "pattern": "[domain-name:value = 'newfilmts.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d0-65fc-45fe-a819-4194950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:40.000Z", "modified": "2018-02-21T07:50:40.000Z", "pattern": "[domain-name:value = 'fastdataexchange.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:40Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d1-9fe4-48ac-92c4-4032950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:41.000Z", "modified": "2018-02-21T07:50:41.000Z", "pattern": "[domain-name:value = 'liveweatherview.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d1-f2e8-4f4b-aedd-45e3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:41.000Z", "modified": "2018-02-21T07:50:41.000Z", "pattern": "[domain-name:value = 'analyticsbar.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d1-9044-4e35-a69b-4ed5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:41.000Z", "modified": "2018-02-21T07:50:41.000Z", "pattern": "[domain-name:value = 'analyticstest.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:41Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d2-4788-43b0-85f3-4c17950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:42.000Z", "modified": "2018-02-21T07:50:42.000Z", "pattern": "[domain-name:value = 'lifeofmentalservice.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d2-f15c-4c5f-99d4-4187950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:42.000Z", "modified": "2018-02-21T07:50:42.000Z", "pattern": "[domain-name:value = 'meteost.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:42Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d3-34ac-47e5-8f63-47e3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:43.000Z", "modified": "2018-02-21T07:50:43.000Z", "pattern": "[domain-name:value = 'righttopregnantpower.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d3-77a8-4194-a948-4a8e950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:43.000Z", "modified": "2018-02-21T07:50:43.000Z", "pattern": "[domain-name:value = 'kiteim.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d3-11e0-4f5e-abb0-4ec6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:43.000Z", "modified": "2018-02-21T07:50:43.000Z", "pattern": "[domain-name:value = 'adobe-flash-updates.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:43Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d4-b964-4d38-9de8-42ec950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:44.000Z", "modified": "2018-02-21T07:50:44.000Z", "pattern": "[domain-name:value = 'generalsecurityscan.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d4-4590-48e2-a9a7-4f00950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:44.000Z", "modified": "2018-02-21T07:50:44.000Z", "pattern": "[domain-name:value = 'globalresearching.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:44Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d5-36ec-4aac-bae4-4c3f950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:45.000Z", "modified": "2018-02-21T07:50:45.000Z", "pattern": "[domain-name:value = 'lvueton.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d5-102c-4e72-9a6c-4738950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:45.000Z", "modified": "2018-02-21T07:50:45.000Z", "pattern": "[domain-name:value = 'audiwheel.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d5-9828-4754-8c1a-44fc950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:45.000Z", "modified": "2018-02-21T07:50:45.000Z", "pattern": "[domain-name:value = 'online-reggi.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:45Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d6-ebec-4fde-8eb8-4fea950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:46.000Z", "modified": "2018-02-21T07:50:46.000Z", "pattern": "[domain-name:value = 'fsportal.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d6-cec8-4e3e-bef9-4e73950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:46.000Z", "modified": "2018-02-21T07:50:46.000Z", "pattern": "[domain-name:value = 'netcorpscanprotect.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d6-c09c-4628-90e3-4374950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:46.000Z", "modified": "2018-02-21T07:50:46.000Z", "pattern": "[domain-name:value = 'mvband.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:46Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d7-8a18-46ea-8483-4fb6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:47.000Z", "modified": "2018-02-21T07:50:47.000Z", "pattern": "[domain-name:value = 'mvtband.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d7-d680-4c88-aa2f-4c39950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:47.000Z", "modified": "2018-02-21T07:50:47.000Z", "pattern": "[domain-name:value = 'viters.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:47Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d8-b19c-4e65-8415-4710950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:48.000Z", "modified": "2018-02-21T07:50:48.000Z", "pattern": "[domain-name:value = 'treepastwillingmoment.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d8-b8b0-4731-a87c-428a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:48.000Z", "modified": "2018-02-21T07:50:48.000Z", "pattern": "[domain-name:value = 'sendmevideo.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d8-4978-41f5-b523-4abd950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:48.000Z", "modified": "2018-02-21T07:50:48.000Z", "pattern": "[domain-name:value = 'satellitedeluxpanorama.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:48Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d9-ff34-48a9-b709-4a84950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:49.000Z", "modified": "2018-02-21T07:50:49.000Z", "pattern": "[domain-name:value = 'ppcodecs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d9-1968-4616-8dfd-488a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:49.000Z", "modified": "2018-02-21T07:50:49.000Z", "pattern": "[domain-name:value = 'encoder-info.tk']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24d9-0088-40b4-ae61-4521950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:49.000Z", "modified": "2018-02-21T07:50:49.000Z", "pattern": "[domain-name:value = 'wmdmediacodecs.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:49Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24da-90f0-408d-9512-47f6950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:50.000Z", "modified": "2018-02-21T07:50:50.000Z", "pattern": "[domain-name:value = 'postlkwarn.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24da-aa2c-4c86-bcc7-4941950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:50.000Z", "modified": "2018-02-21T07:50:50.000Z", "pattern": "[domain-name:value = 'shcserv.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:50Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24db-0bac-4a89-83a8-4ffc950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:51.000Z", "modified": "2018-02-21T07:50:51.000Z", "pattern": "[domain-name:value = 'versiontask.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24db-faec-476e-b340-4c9a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:51.000Z", "modified": "2018-02-21T07:50:51.000Z", "pattern": "[domain-name:value = 'webcdelivery.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24db-d7bc-4e75-8d4b-4ef5950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:51.000Z", "modified": "2018-02-21T07:50:51.000Z", "pattern": "[domain-name:value = 'miropc.org']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:51Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24dc-b5d4-4aa0-9261-4df3950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:52.000Z", "modified": "2018-02-21T07:50:52.000Z", "pattern": "[domain-name:value = 'securityprotectingcorp.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24dc-4804-4756-a80d-4d9a950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:52.000Z", "modified": "2018-02-21T07:50:52.000Z", "pattern": "[domain-name:value = 'uniquecorpind.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:52Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24dd-6c1c-4b56-a267-42f4950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:53.000Z", "modified": "2018-02-21T07:50:53.000Z", "pattern": "[domain-name:value = 'appexsrv.net']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:53Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a8d24de-3254-4a47-a2ea-4421950d210f", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-02-21T07:50:54.000Z", "modified": "2018-02-21T07:50:54.000Z", "pattern": "[domain-name:value = 'adobeupgradeflash.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-02-21T07:50:54Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a980043-2c20-450d-bc03-0d490a950b0d", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-03-01T13:29:39.000Z", "modified": "2018-03-01T13:29:39.000Z", "pattern": "[file:hashes.SHA256 = '12e6642cf6413bdf5388bee663080fa299591b2ba023d069286f3be9647547c8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-01T13:29:39Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5a980032-9854-4d56-a880-0a3f0a950b0d", "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f", "created": "2018-03-01T13:29:22.000Z", "modified": "2018-03-01T13:29:22.000Z", "pattern": "[file:hashes.SHA256 = 'ff808d0a12676bfac88fd26f955154f8884f2bb7c534b9936510fd6296c543e8']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-03-01T13:29:22Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Payload delivery" } ], "labels": [ "misp:type=\"sha256\"", "misp:category=\"Payload delivery\"", "misp:to_ids=\"True\"" ] }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }