1568 lines
No EOL
67 KiB
JSON
1568 lines
No EOL
67 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--251a72a3-6229-4b4d-85a6-ba6d080dc1af",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--251a72a3-6229-4b4d-85a6-ba6d080dc1af",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"name": "Lazarus infrastructure (pivot via Censys)",
|
|
"published": "2024-04-24T08:37:24Z",
|
|
"object_refs": [
|
|
"indicator--68723f8a-5cfe-46a2-8e93-46d45219c981",
|
|
"indicator--8727082c-43f2-4895-8d64-a1659022c1cf",
|
|
"indicator--46125b7f-d639-45dc-88cc-199002805cc9",
|
|
"indicator--9f4668e4-ae48-4604-ac2d-75b35cec02b0",
|
|
"indicator--806858cb-28a9-4080-a8e3-c88af3fb3d2d",
|
|
"indicator--e721b5a3-b4d2-489d-b423-d4f326a095e1",
|
|
"x-misp-object--d617ec42-2e54-45de-857a-db9d34999584",
|
|
"indicator--41675331-304f-4585-9c37-606ceb435b4f",
|
|
"x-misp-object--bea576d5-df29-4e4f-ad18-d12da6b47391",
|
|
"x-misp-object--078ab710-8148-4ec5-8d84-8239ead3c46a",
|
|
"x-misp-object--dd8ab76d-cb54-42cd-b23f-4f0edfbd7492",
|
|
"indicator--b5796437-fc77-486f-bbc4-6d71521f5c9c",
|
|
"x-misp-object--87811e21-707c-4822-b796-80010762f809",
|
|
"indicator--e657c20f-7e97-4c81-b4b0-b25f44d24b89",
|
|
"x-misp-object--5588ec6b-e0c5-4c0f-b398-aabd8a2d366c",
|
|
"indicator--ff19c2e1-0b96-4895-9990-b31801a20240",
|
|
"x-misp-object--0b80eb50-b599-42f8-8aac-aa3df9c8f594",
|
|
"x-misp-object--412fc986-3538-4087-85bf-2826b07951e9",
|
|
"indicator--9a3e19b7-ac35-4bd6-b978-0539ff477b5e",
|
|
"x-misp-object--489ead73-6d7b-4104-9a1e-772457947163",
|
|
"indicator--1cbf5e90-34cb-467a-8535-a4c5b8a935af",
|
|
"x-misp-object--e7265d1a-256c-49f7-9d45-f25232db2a76",
|
|
"indicator--26a69929-5a65-45af-a3a5-98520be3cc6b",
|
|
"x-misp-object--9b31994d-bbac-415f-8984-4e41c81d9f95",
|
|
"indicator--1a4be57d-f2be-4ad5-94a5-13a2158f12f5",
|
|
"x-misp-object--879c0b29-46ec-4a56-bd0e-36ad8c8ec9fa",
|
|
"indicator--bd334671-c9e3-49fc-987f-1dde427373fe",
|
|
"x-misp-object--4622fc03-5cf2-4736-b7d9-3efbfa207902",
|
|
"x-misp-object--bad26ac2-376c-4b56-8ff2-9961500fc8e6",
|
|
"indicator--6b72c111-4c24-41b7-b62f-c970b6d726f2",
|
|
"x-misp-object--b49e7d39-88e9-4e5e-8b37-2eb5e2a637be",
|
|
"indicator--2795bd27-ef80-4acf-aed8-1abed1325906",
|
|
"x-misp-object--e130d5ec-cf2e-4183-9196-56d6812272e9",
|
|
"indicator--72224c41-9cd2-40f2-9e2d-18b6af3c6a03",
|
|
"x-misp-object--d53edc93-663c-4c1b-8dbe-108343678524",
|
|
"indicator--651faa81-32b9-4887-be72-d461a22a34ad",
|
|
"x-misp-object--49f8ec88-9968-40cf-a42a-5cf9f32eae96",
|
|
"indicator--6cc9b331-4140-4185-8b0c-e441750e4fcf",
|
|
"indicator--20d9d6c2-d5f2-4a09-9d0c-f7bb924c02a0",
|
|
"x-misp-object--fae1ad6d-0dee-4a31-ba8b-d521805ea6b9",
|
|
"x-misp-object--1edccaa5-de01-4bcf-b908-ed4f86fca30d",
|
|
"indicator--cb1fb27c-d8aa-46fe-92ee-5e8fb873bf2e",
|
|
"x-misp-object--a30b6cd0-b223-4189-bf1b-ded685c8bca3",
|
|
"indicator--aca6211f-57d8-403d-b77e-e98782efb472",
|
|
"x-misp-object--024c7fe4-c010-4347-b479-57688ae9dce6",
|
|
"indicator--9ca2fa02-fcf1-410d-9465-a932e3ef36d4",
|
|
"x-misp-object--e2551682-f3c6-4aa0-bd51-79dfdddba48a",
|
|
"indicator--c3158e76-675d-4216-8658-8979d40b749e",
|
|
"x-misp-object--af60be26-607e-40a1-a071-646d40ca18bf",
|
|
"x-misp-object--bb2a8059-03a2-438a-8db4-e1fd0349dc00",
|
|
"indicator--a7272c5b-8daf-4e34-a10b-94573d5fbf25",
|
|
"x-misp-object--eb1ba819-842c-46fa-a5e2-dac53f8f0c4b",
|
|
"indicator--6584d787-3ab2-472a-a977-c30311f95660"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"misp-galaxy:threat-actor=\"Lazarus Group\"",
|
|
"type:OSINT",
|
|
"osint:lifetime=\"perpetual\"",
|
|
"osint:certainty=\"50\"",
|
|
"tlp:clear"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--68723f8a-5cfe-46a2-8e93-46d45219c981",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:50.000Z",
|
|
"modified": "2024-04-24T08:25:50.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.212.89' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--8727082c-43f2-4895-8d64-a1659022c1cf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:51.000Z",
|
|
"modified": "2024-04-24T08:25:51.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.129' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--46125b7f-d639-45dc-88cc-199002805cc9",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:51.000Z",
|
|
"modified": "2024-04-24T08:25:51.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.131' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--9f4668e4-ae48-4604-ac2d-75b35cec02b0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:51.000Z",
|
|
"modified": "2024-04-24T08:25:51.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.237' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--806858cb-28a9-4080-a8e3-c88af3fb3d2d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:51.000Z",
|
|
"modified": "2024-04-24T08:25:51.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.203.7.171' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--e721b5a3-b4d2-489d-b423-d4f326a095e1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:25:51.000Z",
|
|
"modified": "2024-04-24T08:25:51.000Z",
|
|
"description": "On port 1244",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.203.7.245' AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst|port\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d617ec42-2e54-45de-857a-db9d34999584",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:27:12.000Z",
|
|
"modified": "2024-04-24T08:27:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"query\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "text",
|
|
"object_relation": "author",
|
|
"value": "Cyberteam008",
|
|
"category": "Other",
|
|
"uuid": "3f2ee2cf-c122-4c63-a0a3-0ebe5daaade7"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "format",
|
|
"value": "censys",
|
|
"category": "Other",
|
|
"uuid": "a751432c-85fd-4ed3-bc3b-2407d2fe9b17"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "query",
|
|
"value": "services.http.response.body_hashes=\"sha256:e74dc1314bdb5dee30e2882734167dbdb82667346a54d38170212c953787b08c\"",
|
|
"category": "Other",
|
|
"uuid": "6809c6cd-c7bd-44ed-a11f-fc1a6a290816"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "query"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--41675331-304f-4585-9c37-606ceb435b4f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:28:45.000Z",
|
|
"modified": "2024-04-24T08:28:45.000Z",
|
|
"pattern": "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.129') AND (network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.131') AND (network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.214.237') AND (network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.203.7.171') AND (network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.203.7.245') AND (network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '147.124.212.89') AND network-traffic:dst_port = '1244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:28:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"ip-port\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bea576d5-df29-4e4f-ad18-d12da6b47391",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:30:50.000Z",
|
|
"modified": "2024-04-24T08:30:50.000Z",
|
|
"labels": [
|
|
"misp:name=\"twitter-post\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "text",
|
|
"object_relation": "post",
|
|
"value": "#Censys Query for #Lazarus #APT\r\n\r\nservices.http.response.body_hashes=\"sha256:e74dc1314bdb5dee30e2882734167dbdb82667346a54d38170212c953787b08c\"\r\n\r\nInfra:\r\n147.124.212[.]89\r\n147.124.214[.]129\r\n147.124.214[.]131\r\n147.124.214[.]237\r\n67.203.7[.]171\r\n67.203.7[.]245\r\n\r\n@500mk500\r\n #Malware #ioc #CTI",
|
|
"category": "Other",
|
|
"uuid": "ea41fd6a-2196-48ab-8025-e328a7d7992b"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "link",
|
|
"value": "https://twitter.com/Cyberteam008/status/1782983614701162993",
|
|
"category": "External analysis",
|
|
"uuid": "00c6d305-e7a7-4ea1-a067-29cedc40296b"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "name",
|
|
"value": "Cyberteam008",
|
|
"category": "Other",
|
|
"uuid": "cb3b2ddb-1414-474e-ba75-8339e912f455"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "twitter-post"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--078ab710-8148-4ec5-8d84-8239ead3c46a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/ip_address/147.124.214.129",
|
|
"category": "External analysis",
|
|
"uuid": "7a1759a9-95c0-41b0-a944-64cdc806aa59"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/90",
|
|
"category": "Other",
|
|
"uuid": "2ca485f3-12d2-4d85-94d4-820a2106441f"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.129: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--dd8ab76d-cb54-42cd-b23f-4f0edfbd7492",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/b5a001a02bd72cd7d636ab972c3f94c752b699469497cb07bdc83f6a94c16263",
|
|
"category": "External analysis",
|
|
"uuid": "2fac0832-0eb6-4aa1-b7ea-ab16220dbdcd"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/92",
|
|
"category": "Other",
|
|
"uuid": "00635b13-0176-4c9d-b19e-e01a653d1c0e"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.129: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b5796437-fc77-486f-bbc4-6d71521f5c9c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"description": "147.124.214.129: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'https://147.124.214.129/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:33:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--87811e21-707c-4822-b796-80010762f809",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/7653aa05dcd8d6877ed0e81e40c77767ae20a6ce617886e5867457293232a4d1",
|
|
"category": "External analysis",
|
|
"uuid": "921bc5aa-d7e5-4309-ba1f-efefb3177e40"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "969e1aba-0773-4491-99b1-78fbe3c2925c"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.129: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--e657c20f-7e97-4c81-b4b0-b25f44d24b89",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"description": "147.124.214.129: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.129/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:33:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5588ec6b-e0c5-4c0f-b398-aabd8a2d366c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/2d6fdf38f306cbfd5e4ca5c143a1a86f21e8c8dfc5931b4c666a9c21184768dc",
|
|
"category": "External analysis",
|
|
"uuid": "2b1600d3-b5b1-4ca1-9708-9ca186374da2"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/93",
|
|
"category": "Other",
|
|
"uuid": "91b924ac-f8ef-4e34-a159-29af58d35835"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.129: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ff19c2e1-0b96-4895-9990-b31801a20240",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:33:12.000Z",
|
|
"modified": "2024-04-24T08:33:12.000Z",
|
|
"description": "147.124.214.129: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.129:1244/payload/unVzOQ8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:33:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--0b80eb50-b599-42f8-8aac-aa3df9c8f594",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/ip_address/147.124.214.237",
|
|
"category": "External analysis",
|
|
"uuid": "a2c8b5be-ce00-425a-b693-2897c9193a5b"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/90",
|
|
"category": "Other",
|
|
"uuid": "a273c0cd-cb2f-44bd-a50d-70927142344b"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--412fc986-3538-4087-85bf-2826b07951e9",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/5b3c3e2db032e8bd94ddd49f02def60cb357e620d3e28d240e4bc35c2a94dd8c",
|
|
"category": "External analysis",
|
|
"uuid": "b47bac9a-5478-4763-9031-e4c17787461d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "d7e4c335-0289-415a-9437-1c4f17004066"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--9a3e19b7-ac35-4bd6-b978-0539ff477b5e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"description": "147.124.214.237: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.237:1244/brow']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--489ead73-6d7b-4104-9a1e-772457947163",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/d61ed447badff5db96eeec028b74aa79c02b9e56f604a4f1ec496d8f0286ee6e",
|
|
"category": "External analysis",
|
|
"uuid": "39ffcfe1-63b8-4618-adb2-c7680ffe1bff"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "e4b5e1ed-01bf-4a3b-a3b0-a94100b67544"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1cbf5e90-34cb-467a-8535-a4c5b8a935af",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"description": "147.124.214.237: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.237:1244/pdown']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--e7265d1a-256c-49f7-9d45-f25232db2a76",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/c01fbe5731f89e487be2ed9e9efeac95586ec1e0367118dba6e38f9f39cd68da",
|
|
"category": "External analysis",
|
|
"uuid": "c074fbb2-cf6d-4520-b34c-4e2eb7017860"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "7547bf75-aba4-4940-ba38-0bc3c4ab3d92"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--26a69929-5a65-45af-a3a5-98520be3cc6b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"description": "147.124.214.237: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.237:1244/payload\\\\%20C966DB7F818B24170E373FAB10580D88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--9b31994d-bbac-415f-8984-4e41c81d9f95",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/254709110cd9407cb1bcd2bda82c5fc63145779a2f326a876f06a344173ccf33",
|
|
"category": "External analysis",
|
|
"uuid": "9de9d593-d07b-44bd-9cf2-2a38d084ea13"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "8c8fab1f-ad08-4b72-bca4-7d2c4db3ab2c"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1a4be57d-f2be-4ad5-94a5-13a2158f12f5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"description": "147.124.214.237: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.214.237:1244/adc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--879c0b29-46ec-4a56-bd0e-36ad8c8ec9fa",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/5a8711914d6c9de4a459501d2a161dc780803be7685ff479adc90988b91bed48",
|
|
"category": "External analysis",
|
|
"uuid": "99a46205-5275-4541-812f-f3980deebbad"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "105eaadc-3fa7-4efc-9c9b-d9c54de2a824"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.214.237: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--bd334671-c9e3-49fc-987f-1dde427373fe",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:02.000Z",
|
|
"modified": "2024-04-24T08:34:02.000Z",
|
|
"description": "147.124.214.237: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'https://147.124.214.237:1244/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4622fc03-5cf2-4736-b7d9-3efbfa207902",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/ip_address/147.124.212.89",
|
|
"category": "External analysis",
|
|
"uuid": "de5f4505-d01e-4254-9927-d292c8fede59"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "2/90",
|
|
"category": "Other",
|
|
"uuid": "c49ce515-b8f6-4552-a3fb-ba891a6e84e6"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bad26ac2-376c-4b56-8ff2-9961500fc8e6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/c85c0cfe5e9f940881d451dadc465a72e10315fd8fae5ce11131a5eb6db9aef9",
|
|
"category": "External analysis",
|
|
"uuid": "96873bb6-a393-4aa9-b180-672b263dde88"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "2/92",
|
|
"category": "Other",
|
|
"uuid": "3668f40d-4083-4b04-a356-981616123b76"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6b72c111-4c24-41b7-b62f-c970b6d726f2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'https://147.124.212.89/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b49e7d39-88e9-4e5e-8b37-2eb5e2a637be",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/bdae7860e68019ec150666e3dfd7a2fac153f59a237632ace42e09d92dd19973",
|
|
"category": "External analysis",
|
|
"uuid": "9cb4daf6-0f3d-4be2-a3ff-69496fe7c90e"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "2/92",
|
|
"category": "Other",
|
|
"uuid": "27eaf4e4-0416-4bf5-9e12-58c0cbe05fe4"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2795bd27-ef80-4acf-aed8-1abed1325906",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.212.89/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--e130d5ec-cf2e-4183-9196-56d6812272e9",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/af04a334c9895c01ca73163345c8510bae4087df412046cfc42eba81124acace",
|
|
"category": "External analysis",
|
|
"uuid": "f8d1eb72-b2b0-4072-bb41-b237d5510c9d"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/90",
|
|
"category": "Other",
|
|
"uuid": "aa532629-b2c7-4dc3-b32a-dd8214999904"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--72224c41-9cd2-40f2-9e2d-18b6af3c6a03",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.212.89:1224/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d53edc93-663c-4c1b-8dbe-108343678524",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/9be7fa7ec41794190c7125d8457411a757422e754f8d3b15b55587e51096b3fe",
|
|
"category": "External analysis",
|
|
"uuid": "c0b53734-f605-42c2-a321-f69df5c097a9"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/90",
|
|
"category": "Other",
|
|
"uuid": "9a429795-2e39-42ce-b058-f2fd688076dd"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--651faa81-32b9-4887-be72-d461a22a34ad",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.212.89:1244/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--49f8ec88-9968-40cf-a42a-5cf9f32eae96",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/a37f36b92a3ac0bc8afe4f4787f99073e10640e7d1ce355f1b898c4ad1f6398f",
|
|
"category": "External analysis",
|
|
"uuid": "7c79dbd2-055f-4d4b-a5c4-8fb364f0b46a"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/90",
|
|
"category": "Other",
|
|
"uuid": "d1944279-9d07-48db-bd44-52158702425c"
|
|
}
|
|
],
|
|
"x_misp_comment": "147.124.212.89: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6cc9b331-4140-4185-8b0c-e441750e4fcf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://147.124.212.89:1244/node/18.18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--20d9d6c2-d5f2-4a09-9d0c-f7bb924c02a0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:34:58.000Z",
|
|
"modified": "2024-04-24T08:34:58.000Z",
|
|
"description": "147.124.212.89: Enriched via the virustotal module",
|
|
"pattern": "[domain-name:value = 'www.tracksmobiles.com' AND domain-name:value = 'tracksmobiles.com' AND domain-name:resolves_to_refs[*].value = '147.124.212.89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:34:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"domain-ip\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--fae1ad6d-0dee-4a31-ba8b-d521805ea6b9",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/ip_address/67.203.7.171",
|
|
"category": "External analysis",
|
|
"uuid": "2c20e809-31f6-4e69-9653-dfb65d584d76"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/90",
|
|
"category": "Other",
|
|
"uuid": "e684019d-39c4-4ad4-a4a3-ea6240dca812"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.171: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--1edccaa5-de01-4bcf-b908-ed4f86fca30d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/1e660e42711d2b6a08c50ef095647906c918f7f4c0d21220a4f8fdb8767f47f1",
|
|
"category": "External analysis",
|
|
"uuid": "aa72c9b9-edeb-473c-a52e-8a6a963dfac3"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/92",
|
|
"category": "Other",
|
|
"uuid": "ca1706ba-0ea7-47c8-b807-bfa17b53441d"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.171: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--cb1fb27c-d8aa-46fe-92ee-5e8fb873bf2e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"description": "67.203.7.171: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'https://67.203.7.171/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a30b6cd0-b223-4189-bf1b-ded685c8bca3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/a77237b06a5e164f05731f954ff8f3f8ccff2e3588d7807b79981a7510b041ca",
|
|
"category": "External analysis",
|
|
"uuid": "d97f6014-2979-4f47-b0af-db42642d704b"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "df7d2fa6-8371-41db-a8cb-d3cd69628113"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.171: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--aca6211f-57d8-403d-b77e-e98782efb472",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"description": "67.203.7.171: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://67.203.7.171:1244/keys']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--024c7fe4-c010-4347-b479-57688ae9dce6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/3ecc56fdf81ae926693d85ed7dac3c988570adbc6e5cb3d72436c65123bb0bc8",
|
|
"category": "External analysis",
|
|
"uuid": "58a7f10e-5e61-46ad-aa0c-0a7b7a802db9"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/93",
|
|
"category": "Other",
|
|
"uuid": "58f43fc8-67e8-4c84-908d-8e10b546fc24"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.171: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--9ca2fa02-fcf1-410d-9465-a932e3ef36d4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:08.000Z",
|
|
"modified": "2024-04-24T08:36:08.000Z",
|
|
"description": "67.203.7.171: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://67.203.7.171/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--e2551682-f3c6-4aa0-bd51-79dfdddba48a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:09.000Z",
|
|
"modified": "2024-04-24T08:36:09.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/2c7956ea5db66e46d794d6f4e0100f844189959e297d931e53b6ca33fb50e338",
|
|
"category": "External analysis",
|
|
"uuid": "3c0c38e4-4386-426c-ac5a-774a799c44cc"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "0173c5a6-9988-4de4-8add-62ccb6d714be"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.171: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c3158e76-675d-4216-8658-8979d40b749e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:09.000Z",
|
|
"modified": "2024-04-24T08:36:09.000Z",
|
|
"description": "67.203.7.171: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://67.203.7.171:1244/pdown']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--af60be26-607e-40a1-a071-646d40ca18bf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/ip_address/67.203.7.245",
|
|
"category": "External analysis",
|
|
"uuid": "c70bd67a-765b-48b3-ad7c-dd6a663c93ae"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/90",
|
|
"category": "Other",
|
|
"uuid": "ea2b76f1-f8f9-4e75-baf5-f4360d698fab"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.245: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bb2a8059-03a2-438a-8db4-e1fd0349dc00",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/00d3fda989f4aed38c3aac2f62f2554cf50e06e91fc95eef532e95e906afe240",
|
|
"category": "External analysis",
|
|
"uuid": "c1e969d1-d9b9-4863-b83a-76cc87436655"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "1/92",
|
|
"category": "Other",
|
|
"uuid": "f15e3151-ef3a-4d84-942e-16068ef6e719"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.245: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a7272c5b-8daf-4e34-a10b-94573d5fbf25",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"description": "67.203.7.245: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'https://67.203.7.245/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--eb1ba819-842c-46fa-a5e2-dac53f8f0c4b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/gui/url/cb7cfbc3ad3983126d8ad2bf7d55c8bd42a02a44ae5e91bf74f1931ce248c860",
|
|
"category": "External analysis",
|
|
"uuid": "22543c3e-93a5-402d-831f-8423e9193569"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "0/92",
|
|
"category": "Other",
|
|
"uuid": "5bf7daaf-a7de-4fa4-9579-e9f002a2629b"
|
|
}
|
|
],
|
|
"x_misp_comment": "67.203.7.245: Enriched via the virustotal module",
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6584d787-3ab2-472a-a977-c30311f95660",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2024-04-24T08:36:44.000Z",
|
|
"modified": "2024-04-24T08:36:44.000Z",
|
|
"description": "67.203.7.245: Enriched via the virustotal module",
|
|
"pattern": "[url:value = 'http://67.203.7.245/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2024-04-24T08:36:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "network"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"url\"",
|
|
"misp:meta-category=\"network\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |