adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/54eee0da-d1c8-441e-a760-3839950d210b.json

1959 lines
No EOL
77 KiB
JSON
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--54eee0da-d1c8-441e-a760-3839950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T13:59:28.000Z",
"modified": "2015-02-26T13:59:28.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--54eee0da-d1c8-441e-a760-3839950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T13:59:28.000Z",
"modified": "2015-02-26T13:59:28.000Z",
"name": "Fessleak before It Was Cool by OpenDNS",
"published": "2015-02-26T13:59:59Z",
"object_refs": [
"observed-data--54eee0e4-8894-4718-98d1-0c01950d210b",
"url--54eee0e4-8894-4718-98d1-0c01950d210b",
"x-misp-attribute--54eee0f9-5050-48b3-84b0-8bb2950d210b",
"x-misp-attribute--54eee12f-aaa4-4f61-8038-2b95950d210b",
"indicator--54eee189-5108-465b-8e6f-857e950d210b",
"indicator--54eee189-63b4-4396-8220-857e950d210b",
"indicator--54eee189-4f08-459b-8922-857e950d210b",
"indicator--54eee189-cf34-45ae-bb2e-857e950d210b",
"indicator--54eee189-3bdc-4b02-902e-857e950d210b",
"indicator--54eee189-1280-42d6-bde0-857e950d210b",
"indicator--54eee18a-ac30-4ee9-954d-857e950d210b",
"indicator--54eee18a-71e0-4383-927f-857e950d210b",
"indicator--54eee18a-99b0-4983-83ef-857e950d210b",
"indicator--54eee18a-355c-435b-9d1b-857e950d210b",
"indicator--54eee18a-b200-4ad7-9787-857e950d210b",
"indicator--54eee18a-f1cc-45bd-b03d-857e950d210b",
"indicator--54eee18a-0d34-4901-b46f-857e950d210b",
"indicator--54eee18a-6a08-45d5-84f4-857e950d210b",
"indicator--54eee18a-52f4-4c6c-985a-857e950d210b",
"indicator--54eee18a-8060-4392-899e-857e950d210b",
"indicator--54eee18a-c6e8-4463-98a2-857e950d210b",
"indicator--54eee18a-b890-4fbe-bc3a-857e950d210b",
"indicator--54eee18b-4330-4173-b7cf-857e950d210b",
"indicator--54eee18b-7af0-4361-ac3a-857e950d210b",
"indicator--54eee18b-1e7c-4847-8346-857e950d210b",
"indicator--54eee18b-85d4-463d-8422-857e950d210b",
"indicator--54eee18b-c35c-47c3-bca2-857e950d210b",
"indicator--54eee18b-4534-41cc-8940-857e950d210b",
"indicator--54eee18b-4bc4-4f91-85ce-857e950d210b",
"indicator--54eee18b-f258-45e2-886a-857e950d210b",
"indicator--54eee18b-cb3c-4402-9fce-857e950d210b",
"indicator--54eee18b-70e4-436c-97d6-857e950d210b",
"indicator--54eee18b-0e50-46a3-8e95-857e950d210b",
"indicator--54eee18b-691c-43b0-8320-857e950d210b",
"indicator--54eee18c-d5e0-4085-903f-857e950d210b",
"observed-data--54eee203-a790-44a6-904c-5a29950d210b",
"url--54eee203-a790-44a6-904c-5a29950d210b",
"observed-data--54eee203-d334-4171-a8e2-5a29950d210b",
"url--54eee203-d334-4171-a8e2-5a29950d210b",
"observed-data--54eee203-36b0-42a7-a5cd-5a29950d210b",
"url--54eee203-36b0-42a7-a5cd-5a29950d210b",
"indicator--54eee278-9c30-4481-b5f4-857e950d210b",
"indicator--54eee278-c6d8-4838-b0af-857e950d210b",
"indicator--54eee279-66a4-4b4b-8cf0-857e950d210b",
"indicator--54eee279-f4a0-4c96-9cda-857e950d210b",
"indicator--54eee279-fd80-4a93-b328-857e950d210b",
"indicator--54eee279-1014-42b8-830b-857e950d210b",
"indicator--54eee279-2098-4ffe-9753-857e950d210b",
"indicator--54eee279-9c1c-4919-b8c3-857e950d210b",
"indicator--54eee279-5eb4-4139-92b2-857e950d210b",
"indicator--54eee279-c808-4619-ac54-857e950d210b",
"indicator--54eee279-50c8-4b4c-8105-857e950d210b",
"indicator--54eee279-0d7c-40ce-9644-857e950d210b",
"indicator--54eee27a-6eb8-4720-a189-857e950d210b",
"indicator--54eee27a-a1c8-4f20-b84b-857e950d210b",
"indicator--54eee27a-38e8-4b9c-aa6a-857e950d210b",
"indicator--54eee27a-d3d8-4c96-b637-857e950d210b",
"indicator--54eee27a-5468-4e35-80bf-857e950d210b",
"indicator--54eee27a-860c-4dc4-a5bc-857e950d210b",
"indicator--54eee27a-0598-4855-a9c3-857e950d210b",
"indicator--54eee27a-d790-46bf-ae2d-857e950d210b",
"indicator--54eee27a-6fec-4d10-8747-857e950d210b",
"indicator--54eee27a-de1c-4189-b727-857e950d210b",
"indicator--54eee27b-cee0-410d-8e76-857e950d210b",
"indicator--54eee27b-5078-43fb-b46a-857e950d210b",
"indicator--54eee27b-3c04-4caa-81a3-857e950d210b",
"indicator--54eee27b-d81c-4b00-94d0-857e950d210b",
"indicator--54eee27b-9838-4cb9-b567-857e950d210b",
"indicator--54eee27b-7184-4e45-9d6a-857e950d210b",
"indicator--54eee27b-f2ec-4cc0-ba29-857e950d210b",
"indicator--54eee27b-e540-4987-8f15-857e950d210b",
"indicator--54eee27b-1360-44c2-8970-857e950d210b",
"indicator--54eee27b-2730-427e-92a5-857e950d210b",
"indicator--54eee27c-2d6c-4dc2-bd8f-857e950d210b",
"indicator--54eee27c-11c4-4233-bbfd-857e950d210b",
"indicator--54eee27c-a634-4f56-920c-857e950d210b",
"indicator--54eee27c-2418-4625-af7f-857e950d210b",
"indicator--54eee27c-d2f0-47e4-9739-857e950d210b",
"indicator--54eee27c-6d60-4ae9-b01c-857e950d210b",
"indicator--54eee27c-ab84-4c66-b693-857e950d210b",
"indicator--54eee27c-e824-4372-ae1b-857e950d210b",
"indicator--54eee27c-106c-4d1f-bc04-857e950d210b",
"indicator--54eee27d-fe48-4074-ab8b-857e950d210b",
"indicator--54eee27d-62ec-4d79-add6-857e950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54eee0e4-8894-4718-98d1-0c01950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"first_observed": "2015-02-26T09:12:19Z",
"last_observed": "2015-02-26T09:12:19Z",
"number_observed": 1,
"object_refs": [
"url--54eee0e4-8894-4718-98d1-0c01950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54eee0e4-8894-4718-98d1-0c01950d210b",
"value": "http://www.invincea.com/2015/02/fessleak-the-zero-day-driven-advanced-ransomware-malvertising-campaign/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54eee0f9-5050-48b3-84b0-8bb2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Fessleak"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54eee12f-aaa4-4f61-8038-2b95950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:45.000Z",
"modified": "2015-02-26T09:12:45.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "Registrant",
"x_misp_type": "text",
"x_misp_value": "fessleak@qip.ru"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-5108-465b-8e6f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.157.99.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-63b4-4396-8220-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.157.99.25']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-4f08-459b-8922-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.151.221.212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-cf34-45ae-bb2e-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'chebroom.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-3bdc-4b02-902e-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'kenthopm.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee189-1280-42d6-bde0-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'vectallies.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-ac30-4ee9-954d-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'hevpazana.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-71e0-4383-927f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'labutinra.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-99b0-4983-83ef-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'timarols.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-355c-435b-9d1b-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'pinkavuz.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-b200-4ad7-9787-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'beatrinko.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-f1cc-45bd-b03d-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'vemisaio.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-0d34-4901-b46f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'zhonte.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-6a08-45d5-84f4-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'binachio.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-52f4-4c6c-985a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'zarafint.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-8060-4392-899e-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'landors.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-c6e8-4463-98a2-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'tesuin.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18a-b890-4fbe-bc3a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'rliner.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-4330-4173-b7cf-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'litpou.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-7af0-4361-ac3a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'fersob.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-1e7c-4847-8346-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'estuty.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-85d4-463d-8422-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'ontiq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-c35c-47c3-bca2-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'deinq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-4534-41cc-8940-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'ermuz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-4bc4-4f91-85ce-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'azurf.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-f258-45e2-886a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'relom.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-cb3c-4402-9fce-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'retilio.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-70e4-436c-97d6-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'uvreno.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-0e50-46a3-8e95-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.34.127.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18b-691c-43b0-8320-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.34.127.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee18c-d5e0-4085-903f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:12:19.000Z",
"modified": "2015-02-26T09:12:19.000Z",
"pattern": "[domain-name:value = 'tunim.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:12:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54eee203-a790-44a6-904c-5a29950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:06:11.000Z",
"modified": "2015-02-26T09:06:11.000Z",
"first_observed": "2015-02-26T09:06:11Z",
"last_observed": "2015-02-26T09:06:11Z",
"number_observed": 1,
"object_refs": [
"url--54eee203-a790-44a6-904c-5a29950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54eee203-a790-44a6-904c-5a29950d210b",
"value": "https://labs.opendns.com/2015/02/19/fessleak-cool/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54eee203-d334-4171-a8e2-5a29950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:06:11.000Z",
"modified": "2015-02-26T09:06:11.000Z",
"first_observed": "2015-02-26T09:06:11Z",
"last_observed": "2015-02-26T09:06:11Z",
"number_observed": 1,
"object_refs": [
"url--54eee203-d334-4171-a8e2-5a29950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54eee203-d334-4171-a8e2-5a29950d210b",
"value": "http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-new-adobe-flash-zero-day-exploit-used-in-malvertisements/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--54eee203-36b0-42a7-a5cd-5a29950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:06:11.000Z",
"modified": "2015-02-26T09:06:11.000Z",
"first_observed": "2015-02-26T09:06:11Z",
"last_observed": "2015-02-26T09:06:11Z",
"number_observed": 1,
"object_refs": [
"url--54eee203-36b0-42a7-a5cd-5a29950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--54eee203-36b0-42a7-a5cd-5a29950d210b",
"value": "http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee278-9c30-4481-b5f4-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:08.000Z",
"modified": "2015-02-26T09:08:08.000Z",
"pattern": "[domain-name:value = 'ankapootle.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee278-c6d8-4838-b0af-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:08.000Z",
"modified": "2015-02-26T09:08:08.000Z",
"pattern": "[domain-name:value = 'anster.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-66a4-4b4b-8cf0-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'binjer.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-f4a0-4c96-9cda-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'bizono.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-fd80-4a93-b328-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'bracino.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-1014-42b8-830b-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'dovimos.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-2098-4ffe-9753-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'elimi.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-9c1c-4919-b8c3-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'eltisc.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-5eb4-4139-92b2-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'fenoli.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-c808-4619-ac54-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'ferko.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-50c8-4b4c-8105-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'fermentzone.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee279-0d7c-40ce-9644-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:09.000Z",
"modified": "2015-02-26T09:08:09.000Z",
"pattern": "[domain-name:value = 'ferom.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-6eb8-4720-a189-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'flaris.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-a1c8-4f20-b84b-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'gladolimo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-38e8-4b9c-aa6a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'grandemab.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-d3d8-4c96-b637-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'ingoarten.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-5468-4e35-80bf-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'inpoucher.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-860c-4dc4-a5bc-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'kabur.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-0598-4855-a9c3-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'lemdingo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-d790-46bf-ae2d-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'lemptyzp.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-6fec-4d10-8747-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'marzie.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27a-de1c-4189-b727-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:10.000Z",
"modified": "2015-02-26T09:08:10.000Z",
"pattern": "[domain-name:value = 'montiza.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-cee0-410d-8e76-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'namille.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-5078-43fb-b46a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'orsai.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-3c04-4caa-81a3-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'pazumala.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-d81c-4b00-94d0-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'penazhef.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-9838-4cb9-b567-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'penneza.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-7184-4e45-9d6a-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'pequrio.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-f2ec-4cc0-ba29-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'pizzanetp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-e540-4987-8f15-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'podin.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-1360-44c2-8970-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'pondoq.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27b-2730-427e-92a5-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:11.000Z",
"modified": "2015-02-26T09:08:11.000Z",
"pattern": "[domain-name:value = 'prosoknf.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-2d6c-4dc2-bd8f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'ramonza.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-11c4-4233-bbfd-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'rampoyak.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-a634-4f56-920c-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'romaldi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-2418-4625-af7f-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'shivue.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-d2f0-47e4-9739-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'venitial.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-6d60-4ae9-b01c-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'viceon.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-ab84-4c66-b693-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'webpertzo.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-e824-4372-ae1b-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'wonkobu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27c-106c-4d1f-bc04-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:12.000Z",
"modified": "2015-02-26T09:08:12.000Z",
"pattern": "[domain-name:value = 'zelti.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27d-fe48-4074-ab8b-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:13.000Z",
"modified": "2015-02-26T09:08:13.000Z",
"pattern": "[domain-name:value = 'zibond.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54eee27d-62ec-4d79-add6-857e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-02-26T09:08:13.000Z",
"modified": "2015-02-26T09:08:13.000Z",
"pattern": "[domain-name:value = 'ztopp.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-02-26T09:08:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}
Reference in a new issue View git blame Copy permalink