{ "type": "bundle", "id": "bundle--5b16dcc8-2750-456f-8840-fbae0acd0835", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T19:52:55.000Z", "modified": "2018-06-05T19:52:55.000Z", "name": "Synovus Financial", "identity_class": "organization" }, { "type": "report", "spec_version": "2.1", "id": "report--5b16dcc8-2750-456f-8840-fbae0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T19:52:55.000Z", "modified": "2018-06-05T19:52:55.000Z", "name": "Phishing Domains", "published": "2018-06-05T19:53:13Z", "object_refs": [ "indicator--5b16dcc8-ff80-45d8-af41-fbae0acd0835", "indicator--5b16dcc9-4800-453c-a5e0-fbae0acd0835", "indicator--5b16dd24-3978-4273-ae98-09040acd0835", "observed-data--5b16dd72-f564-4957-bed4-fd3a0acd0835", "x509-certificate--5b16dd72-f564-4957-bed4-fd3a0acd0835", "x-misp-attribute--5b16ea17-a1a8-41e5-996c-453a0acd0835" ], "labels": [ "Threat-Report", "misp:tool=\"MISP-STIX-Converter\"", "veris:action:social:variety=\"Phishing\"" ], "object_marking_refs": [ "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b16dcc8-ff80-45d8-af41-fbae0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T18:59:11.000Z", "modified": "2018-06-05T18:59:11.000Z", "pattern": "[domain-name:value = 'elfsrush.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-05T18:59:11Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b16dcc9-4800-453c-a5e0-fbae0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T18:59:12.000Z", "modified": "2018-06-05T18:59:12.000Z", "pattern": "[domain-name:value = 'web-traveller.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-05T18:59:12Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "indicator", "spec_version": "2.1", "id": "indicator--5b16dd24-3978-4273-ae98-09040acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T18:59:14.000Z", "modified": "2018-06-05T18:59:14.000Z", "pattern": "[domain-name:value = 'edatasales.com']", "pattern_type": "stix", "pattern_version": "2.1", "valid_from": "2018-06-05T18:59:14Z", "kill_chain_phases": [ { "kill_chain_name": "misp-category", "phase_name": "Network activity" } ], "labels": [ "misp:type=\"domain\"", "misp:category=\"Network activity\"", "misp:to_ids=\"True\"" ] }, { "type": "observed-data", "spec_version": "2.1", "id": "observed-data--5b16dd72-f564-4957-bed4-fd3a0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T18:58:58.000Z", "modified": "2018-06-05T18:58:58.000Z", "first_observed": "2018-06-05T18:58:58Z", "last_observed": "2018-06-05T18:58:58Z", "number_observed": 1, "object_refs": [ "x509-certificate--5b16dd72-f564-4957-bed4-fd3a0acd0835" ], "labels": [ "misp:type=\"x509-fingerprint-sha1\"", "misp:category=\"Attribution\"" ] }, { "type": "x509-certificate", "spec_version": "2.1", "id": "x509-certificate--5b16dd72-f564-4957-bed4-fd3a0acd0835", "hashes": { "SHA-1": "df7972bcdbf00300afcc3c9d8ea8e153efda87f8" } }, { "type": "x-misp-attribute", "spec_version": "2.1", "id": "x-misp-attribute--5b16ea17-a1a8-41e5-996c-453a0acd0835", "created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a", "created": "2018-06-05T19:52:55.000Z", "modified": "2018-06-05T19:52:55.000Z", "labels": [ "misp:type=\"text\"", "misp:category=\"External analysis\"" ], "x_misp_category": "External analysis", "x_misp_type": "text", "x_misp_value": "Possibly related to Easy Auto Refresh Chrome Extension." }, { "type": "marking-definition", "spec_version": "2.1", "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9", "created": "2017-01-20T00:00:00.000Z", "definition_type": "tlp", "name": "TLP:WHITE", "definition": { "tlp": "white" } } ] }