adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/54b62236-69d4-4154-854a-4862950d210b.json

729 lines
No EOL
30 KiB
JSON
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--54b62236-69d4-4154-854a-4862950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--54b62236-69d4-4154-854a-4862950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"name": "OSINT Cridex, Feodo, Geodo, Dridex, whats next? by abuse.ch",
"published": "2016-02-22T15:16:06Z",
"object_refs": [
"observed-data--54b62282-9be0-4a87-ae0f-acbf950d210b",
"url--54b62282-9be0-4a87-ae0f-acbf950d210b",
"x-misp-attribute--54b6228a-01e8-4c71-852d-d563950d210b",
"indicator--54b622c7-5828-428f-9a06-0d21950d210b",
"indicator--54b622dc-aae0-4660-a75e-5d3c950d210b",
"indicator--54b62326-9260-4552-b9ae-4856950d210b",
"indicator--54b62326-c8a4-43f9-af29-4e1a950d210b",
"indicator--54b62326-4b78-4984-a5f1-4aae950d210b",
"indicator--54b62326-78c0-451a-b5ba-4416950d210b",
"indicator--54b62326-03ac-49ba-b4d6-4db9950d210b",
"indicator--54b62326-bacc-49ff-9b51-4922950d210b",
"indicator--54b62326-9210-4889-ab0a-4522950d210b",
"indicator--54b62336-65f0-4e17-ab96-6099950d210b",
"indicator--54b62336-da60-4905-86f6-6099950d210b",
"indicator--54b62336-e04c-43d3-956b-6099950d210b",
"indicator--54b62336-5334-4353-b414-6099950d210b",
"indicator--54b62336-6dd4-45cf-8651-6099950d210b",
"indicator--54b623be-2ac4-41ec-be31-5d3c950d210b",
"indicator--54b623be-e808-4f42-b450-5d3c950d210b",
"indicator--54b623be-9ff4-4e01-802b-5d3c950d210b",
"indicator--54b623be-7534-4356-a730-5d3c950d210b",
"indicator--56c64b6f-bc64-44f1-a5ba-4fd5950d210f",
"indicator--56c64b71-3f28-4405-be9e-c651950d210f",
"indicator--56c64b73-32ec-4ea5-9653-4f63950d210f",
"indicator--56c64b75-5360-49ac-a393-5ca1950d210f",
"indicator--56c64b70-fce4-47da-8cbf-c652950d210f",
"indicator--56c64b72-e594-4851-86d5-48a0950d210f",
"indicator--56c64b74-caf8-4c9b-8abe-599d950d210f",
"indicator--56c64b75-459c-4f0c-8daa-599e950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54b62282-9be0-4a87-ae0f-acbf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:02:10.000Z",
"modified": "2015-01-14T08:02:10.000Z",
"first_observed": "2015-01-14T08:02:10Z",
"last_observed": "2015-01-14T08:02:10Z",
"number_observed": 1,
"object_refs": [
"url--54b62282-9be0-4a87-ae0f-acbf950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54b62282-9be0-4a87-ae0f-acbf950d210b",
"value": "https://www.abuse.ch/?p=8332"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54b6228a-01e8-4c71-852d-d563950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:02:18.000Z",
"modified": "2015-01-14T08:02:18.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Dridex"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b622c7-5828-428f-9a06-0d21950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:03:19.000Z",
"modified": "2015-01-14T08:03:19.000Z",
"description": "port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.135.28.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:03:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b622dc-aae0-4660-a75e-5d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:03:40.000Z",
"modified": "2015-01-14T08:03:40.000Z",
"description": "port 9955",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.135.28.109']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:03:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-9260-4552-b9ae-4856950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.76.44.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-c8a4-43f9-af29-4e1a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.56.34.20']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-4b78-4984-a5f1-4aae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.139.47.177']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-78c0-451a-b5ba-4416950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.166.70.44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-03ac-49ba-b4d6-4db9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.124.205.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-bacc-49ff-9b51-4922950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.214.26.248']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62326-9210-4889-ab0a-4522950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:04:54.000Z",
"modified": "2015-01-14T08:04:54.000Z",
"description": "port 8080",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.208.81.204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:04:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62336-65f0-4e17-ab96-6099950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:05:10.000Z",
"modified": "2015-01-14T08:05:10.000Z",
"pattern": "[file:hashes.MD5 = '532e7924f759aab014dedca651398ce6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:05:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62336-da60-4905-86f6-6099950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:05:10.000Z",
"modified": "2015-01-14T08:05:10.000Z",
"pattern": "[file:hashes.MD5 = '818bb82d1845eacedabdd5d0a5de310c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:05:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62336-e04c-43d3-956b-6099950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:05:10.000Z",
"modified": "2015-01-14T08:05:10.000Z",
"pattern": "[file:hashes.MD5 = 'fab100a415254de5c8af70eb1c7eb2d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:05:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62336-5334-4353-b414-6099950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:05:10.000Z",
"modified": "2015-01-14T08:05:10.000Z",
"pattern": "[file:hashes.MD5 = '95d4a587ac1a128db890035793483885']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:05:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b62336-6dd4-45cf-8651-6099950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:05:10.000Z",
"modified": "2015-01-14T08:05:10.000Z",
"pattern": "[file:hashes.MD5 = 'f8edaacbfc88a8f045bf2bbbd75c435b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:05:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b623be-2ac4-41ec-be31-5d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"pattern": "[url:value = '/logs/ukvbvg/js.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:07:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b623be-e808-4f42-b450-5d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"pattern": "[url:value = '/logs/ukvbvg/in.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:07:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b623be-9ff4-4e01-802b-5d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"pattern": "[url:value = '/injectgate']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:07:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54b623be-7534-4356-a730-5d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-01-14T08:07:26.000Z",
"modified": "2015-01-14T08:07:26.000Z",
"pattern": "[url:value = '/tokengate']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-01-14T08:07:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b6f-bc64-44f1-a5ba-4fd5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:35.000Z",
"modified": "2016-02-18T22:53:35.000Z",
"description": "Automatically added (via f8edaacbfc88a8f045bf2bbbd75c435b)",
"pattern": "[file:hashes.SHA1 = '444a3133c619eae0c899422684787372ec2291ba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b71-3f28-4405-be9e-c651950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:37.000Z",
"modified": "2016-02-18T22:53:37.000Z",
"description": "Automatically added (via 95d4a587ac1a128db890035793483885)",
"pattern": "[file:hashes.SHA1 = '233de4235c7ca7534f19d97bf482b72776e2deb3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b73-32ec-4ea5-9653-4f63950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:39.000Z",
"modified": "2016-02-18T22:53:39.000Z",
"description": "Automatically added (via fab100a415254de5c8af70eb1c7eb2d0)",
"pattern": "[file:hashes.SHA1 = '70a2151dbdf1deff221e3c712054320a35751b7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b75-5360-49ac-a393-5ca1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:41.000Z",
"modified": "2016-02-18T22:53:41.000Z",
"description": "Automatically added (via 532e7924f759aab014dedca651398ce6)",
"pattern": "[file:hashes.SHA1 = '8f1dd9903815fad8ecfdb55fe277f425e8aa7cfc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b70-fce4-47da-8cbf-c652950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:36.000Z",
"modified": "2016-02-18T22:53:36.000Z",
"description": "Automatically added (via f8edaacbfc88a8f045bf2bbbd75c435b)",
"pattern": "[file:hashes.SHA256 = 'ebb5c47f46954c5a6786cc040e5cc1a16d3765584f3f58cf1a3bf3fe7c9eceae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b72-e594-4851-86d5-48a0950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:38.000Z",
"modified": "2016-02-18T22:53:38.000Z",
"description": "Automatically added (via 95d4a587ac1a128db890035793483885)",
"pattern": "[file:hashes.SHA256 = '76d759ff75723d76f3aa8cfe1785d220359c5b298a13db9d853cbca32d4752be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b74-caf8-4c9b-8abe-599d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:40.000Z",
"modified": "2016-02-18T22:53:40.000Z",
"description": "Automatically added (via fab100a415254de5c8af70eb1c7eb2d0)",
"pattern": "[file:hashes.SHA256 = '62ba5cff1f48a529a6eb5f43fb790bc49433a9f0ed219f1ca0d890563eaea218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c64b75-459c-4f0c-8daa-599e950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T22:53:41.000Z",
"modified": "2016-02-18T22:53:41.000Z",
"description": "Automatically added (via 532e7924f759aab014dedca651398ce6)",
"pattern": "[file:hashes.SHA256 = '960ed795dca89e50745251adf6712719a1af1aa5fd1a66c9424c777574180548']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T22:53:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}
Reference in a new issue View git blame Copy permalink