adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/566f4900-9da4-4ee7-b237-8a63950d210b.json

3040 lines
No EOL
123 KiB
JSON
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--566f4900-9da4-4ee7-b237-8a63950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:58:02.000Z",
"modified": "2015-12-14T22:58:02.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--566f4900-9da4-4ee7-b237-8a63950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:58:02.000Z",
"modified": "2015-12-14T22:58:02.000Z",
"name": "OSINT IOC from ponmocup malware",
"published": "2015-12-14T22:59:31Z",
"object_refs": [
"indicator--566f4915-adb4-4496-9bd5-a574950d210b",
"indicator--566f4916-92f8-4aa6-928e-a574950d210b",
"indicator--566f4916-d0ac-4e74-a055-a574950d210b",
"indicator--566f4917-a55c-47db-891c-a574950d210b",
"indicator--566f4917-1e18-42c3-8707-a574950d210b",
"indicator--566f4917-a124-4e5f-bfba-a574950d210b",
"indicator--566f4918-b28c-4245-87f0-a574950d210b",
"indicator--566f4918-4ebc-4708-86e1-a574950d210b",
"indicator--566f4919-45d0-4e98-be23-a574950d210b",
"indicator--566f4919-6b90-4fa6-9a3f-a574950d210b",
"indicator--566f4919-4674-416e-bb99-a574950d210b",
"indicator--566f491a-8a64-4613-b793-a574950d210b",
"indicator--566f491a-f210-4e4d-b986-a574950d210b",
"indicator--566f491b-216c-4a56-b1db-a574950d210b",
"indicator--566f491b-9db0-4350-94ff-a574950d210b",
"indicator--566f491c-15a0-481d-9df8-a574950d210b",
"indicator--566f491c-a0a0-488c-8927-a574950d210b",
"indicator--566f491c-18fc-48c9-ad68-a574950d210b",
"indicator--566f491d-3150-4c52-8e49-a574950d210b",
"indicator--566f491d-6924-4cf0-825c-a574950d210b",
"indicator--566f491e-6d3c-4186-8568-a574950d210b",
"indicator--566f491e-da44-41f0-b282-a574950d210b",
"indicator--566f491e-0540-42da-8b26-a574950d210b",
"indicator--566f491f-dce4-40d3-afb6-a574950d210b",
"indicator--566f491f-5f9c-40a9-81bd-a574950d210b",
"indicator--566f4920-52fc-4f13-81d6-a574950d210b",
"indicator--566f4920-8a88-4ea5-bc4a-a574950d210b",
"indicator--566f4921-c744-4cb1-9238-a574950d210b",
"indicator--566f4921-da44-4879-86ec-a574950d210b",
"indicator--566f4921-a96c-43c7-b2d1-a574950d210b",
"indicator--566f4922-71fc-4ee4-b91d-a574950d210b",
"indicator--566f4922-64f0-4581-8372-a574950d210b",
"indicator--566f4923-4b70-4e1a-9df5-a574950d210b",
"indicator--566f4923-7400-49da-9611-a574950d210b",
"indicator--566f4923-12d0-41f4-9548-a574950d210b",
"indicator--566f4924-906c-4980-a6a9-a574950d210b",
"indicator--566f4924-5814-4e17-9521-a574950d210b",
"indicator--566f4925-6408-4ced-9f21-a574950d210b",
"indicator--566f4925-ebd0-4ce3-9daa-a574950d210b",
"indicator--566f4926-5af8-442a-b61b-a574950d210b",
"indicator--566f4926-f170-4f1c-a1d0-a574950d210b",
"indicator--566f4926-37dc-4ff7-873c-a574950d210b",
"indicator--566f4927-bff0-42ad-9dce-a574950d210b",
"indicator--566f4927-50a0-4968-ac7b-a574950d210b",
"indicator--566f4928-88e8-456a-9577-a574950d210b",
"indicator--566f4928-57c4-42fa-b346-a574950d210b",
"indicator--566f4928-ce80-4589-9dd5-a574950d210b",
"indicator--566f4929-a55c-4a09-a738-a574950d210b",
"indicator--566f4929-9624-4065-b010-a574950d210b",
"indicator--566f492a-6ef4-49f7-853b-a574950d210b",
"indicator--566f492a-30f4-4d47-b599-a574950d210b",
"indicator--566f492b-7f34-46e2-aebc-a574950d210b",
"indicator--566f492b-6868-4990-ba9f-a574950d210b",
"indicator--566f492b-5fe8-4926-8e02-a574950d210b",
"indicator--566f492c-2814-4e9d-ad63-a574950d210b",
"indicator--566f492c-ded8-4b5a-9304-a574950d210b",
"indicator--566f492d-819c-4959-b0d5-a574950d210b",
"indicator--566f492d-4ff0-4b17-a699-a574950d210b",
"indicator--566f492d-0068-4aab-9c3e-a574950d210b",
"indicator--566f492e-dd18-4e79-8eab-a574950d210b",
"indicator--566f492e-b3f8-4f60-8e8a-a574950d210b",
"indicator--566f492f-f9e8-4542-86f9-a574950d210b",
"indicator--566f492f-6e54-43ad-81e4-a574950d210b",
"indicator--566f492f-5308-409f-985a-a574950d210b",
"indicator--566f4930-d58c-4945-ad45-a574950d210b",
"indicator--566f4930-372c-4629-a1ab-a574950d210b",
"indicator--566f4931-7154-47a1-9f5e-a574950d210b",
"indicator--566f4931-094c-4916-a929-a574950d210b",
"indicator--566f4932-bd68-4ad6-a267-a574950d210b",
"indicator--566f4932-46a4-4967-a92a-a574950d210b",
"indicator--566f4932-239c-43be-a948-a574950d210b",
"indicator--566f4933-1df4-4fc7-b844-a574950d210b",
"indicator--566f4933-1794-477f-a1c9-a574950d210b",
"indicator--566f4934-d908-45fd-86c4-a574950d210b",
"indicator--566f4934-0cec-4196-9c93-a574950d210b",
"indicator--566f4934-f468-42f1-84d9-a574950d210b",
"indicator--566f4935-1d94-4bcc-a29a-a574950d210b",
"indicator--566f4935-2838-445d-be81-a574950d210b",
"indicator--566f4936-fcfc-4318-8992-a574950d210b",
"indicator--566f4936-c9e0-48e2-a6f3-a574950d210b",
"indicator--566f4937-9a84-4b03-ab11-a574950d210b",
"indicator--566f4937-17b4-4f57-bb1c-a574950d210b",
"indicator--566f4937-a8c0-4cf4-8f6a-a574950d210b",
"indicator--566f4938-d854-4c56-b599-a574950d210b",
"indicator--566f4938-1134-473e-bf82-a574950d210b",
"indicator--566f4939-8a3c-45e1-a288-a574950d210b",
"indicator--566f4939-1dd4-45a9-8c28-a574950d210b",
"indicator--566f493a-2950-4a19-ad66-a574950d210b",
"indicator--566f493a-0770-4742-90c8-a574950d210b",
"indicator--566f493a-f480-462e-987d-a574950d210b",
"indicator--566f493b-837c-4a28-be0c-a574950d210b",
"indicator--566f493b-6f9c-44c4-a3cd-a574950d210b",
"indicator--566f493c-c4d4-425f-b640-a574950d210b",
"indicator--566f493c-9ed8-40a8-b025-a574950d210b",
"indicator--566f493d-d99c-4ab0-ac8b-a574950d210b",
"indicator--566f493d-0dec-43da-9d7c-a574950d210b",
"indicator--566f493d-a4a0-4dea-a6ff-a574950d210b",
"indicator--566f493e-39a0-411b-8cdf-a574950d210b",
"indicator--566f493e-10b4-456e-813d-a574950d210b",
"indicator--566f493f-896c-40a7-876f-a574950d210b",
"indicator--566f493f-1e18-4455-a47b-a574950d210b",
"indicator--566f493f-cf10-4cac-acec-a574950d210b",
"indicator--566f4940-0f90-40a2-a186-a574950d210b",
"indicator--566f4940-cbc0-4809-9558-a574950d210b",
"indicator--566f4941-be10-41f3-a73c-a574950d210b",
"indicator--566f4941-8d9c-43fb-8914-a574950d210b",
"indicator--566f4942-6748-48f4-8beb-a574950d210b",
"indicator--566f4942-4e20-42df-8b92-a574950d210b",
"indicator--566f4942-9390-4e12-9078-a574950d210b",
"indicator--566f4943-1198-4243-9df9-a574950d210b",
"indicator--566f4943-eb2c-4777-9228-a574950d210b",
"indicator--566f4944-0938-4d41-8c14-a574950d210b",
"indicator--566f4944-5ce0-41fa-8855-a574950d210b",
"indicator--566f4945-eb80-4fd6-85b5-a574950d210b",
"indicator--566f4945-e9c0-4410-9726-a574950d210b",
"indicator--566f4945-7a10-466a-b35f-a574950d210b",
"indicator--566f4946-520c-4e8c-8c97-a574950d210b",
"indicator--566f4946-32cc-40e1-a3a8-a574950d210b",
"indicator--566f4947-6110-46df-a4b4-a574950d210b",
"indicator--566f4947-a48c-48ba-a634-a574950d210b",
"indicator--566f4947-c270-4f19-a6b0-a574950d210b",
"indicator--566f4948-e190-4846-93fa-a574950d210b",
"indicator--566f4948-abdc-4d25-a330-a574950d210b",
"observed-data--566f496c-d368-415d-aad6-ad1a950d210b",
"url--566f496c-d368-415d-aad6-ad1a950d210b",
"x-misp-attribute--566f497a-c538-4970-94ed-7eb5950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4915-adb4-4496-9bd5-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:21.000Z",
"modified": "2015-12-14T22:56:21.000Z",
"pattern": "[domain-name:value = 'abccornet.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4916-92f8-4aa6-928e-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:22.000Z",
"modified": "2015-12-14T22:56:22.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.74.195.149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4916-d0ac-4e74-a055-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:22.000Z",
"modified": "2015-12-14T22:56:22.000Z",
"pattern": "[domain-name:value = 'adertisecorp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4917-a55c-47db-891c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:23.000Z",
"modified": "2015-12-14T22:56:23.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '243.182.100.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4917-1e18-42c3-8707-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:23.000Z",
"modified": "2015-12-14T22:56:23.000Z",
"pattern": "[domain-name:value = 'affilipcorp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4917-a124-4e5f-bfba-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:23.000Z",
"modified": "2015-12-14T22:56:23.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '4.227.70.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4918-b28c-4245-87f0-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:24.000Z",
"modified": "2015-12-14T22:56:24.000Z",
"pattern": "[domain-name:value = 'anexcorp.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4918-4ebc-4708-86e1-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:24.000Z",
"modified": "2015-12-14T22:56:24.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '63.77.106.1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4919-45d0-4e98-be23-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:25.000Z",
"modified": "2015-12-14T22:56:25.000Z",
"pattern": "[domain-name:value = 'britishfederal.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4919-6b90-4fa6-9a3f-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:25.000Z",
"modified": "2015-12-14T22:56:25.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.178.113.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4919-4674-416e-bb99-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:25.000Z",
"modified": "2015-12-14T22:56:25.000Z",
"pattern": "[domain-name:value = 'changinessmen.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491a-8a64-4613-b793-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:26.000Z",
"modified": "2015-12-14T22:56:26.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '231.150.98.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491a-f210-4e4d-b986-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:26.000Z",
"modified": "2015-12-14T22:56:26.000Z",
"pattern": "[domain-name:value = 'claimsreference.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491b-216c-4a56-b1db-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:27.000Z",
"modified": "2015-12-14T22:56:27.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.171.130.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491b-9db0-4350-94ff-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:27.000Z",
"modified": "2015-12-14T22:56:27.000Z",
"pattern": "[domain-name:value = 'clickoptimiser.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491c-15a0-481d-9df8-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:28.000Z",
"modified": "2015-12-14T22:56:28.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.66.23.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491c-a0a0-488c-8927-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:28.000Z",
"modified": "2015-12-14T22:56:28.000Z",
"pattern": "[domain-name:value = 'contentdeliveryorg.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491c-18fc-48c9-ad68-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:28.000Z",
"modified": "2015-12-14T22:56:28.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '6.88.25.80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491d-3150-4c52-8e49-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:29.000Z",
"modified": "2015-12-14T22:56:29.000Z",
"pattern": "[domain-name:value = 'contextexpert.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491d-6924-4cf0-825c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:29.000Z",
"modified": "2015-12-14T22:56:29.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.213.59.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491e-6d3c-4186-8568-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:30.000Z",
"modified": "2015-12-14T22:56:30.000Z",
"pattern": "[domain-name:value = 'continuatu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491e-da44-41f0-b282-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:30.000Z",
"modified": "2015-12-14T22:56:30.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '222.219.85.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491e-0540-42da-8b26-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:30.000Z",
"modified": "2015-12-14T22:56:30.000Z",
"pattern": "[domain-name:value = 'culminaccessful.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491f-dce4-40d3-afb6-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:31.000Z",
"modified": "2015-12-14T22:56:31.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '234.102.81.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f491f-5f9c-40a9-81bd-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:31.000Z",
"modified": "2015-12-14T22:56:31.000Z",
"pattern": "[domain-name:value = 'cybernan.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4920-52fc-4f13-81d6-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:32.000Z",
"modified": "2015-12-14T22:56:32.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.181.5.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4920-8a88-4ea5-bc4a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:32.000Z",
"modified": "2015-12-14T22:56:32.000Z",
"pattern": "[domain-name:value = 'defenciclovis.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4921-c744-4cb1-9238-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:33.000Z",
"modified": "2015-12-14T22:56:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '156.44.195.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4921-da44-4879-86ec-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:33.000Z",
"modified": "2015-12-14T22:56:33.000Z",
"pattern": "[domain-name:value = 'descriptioned.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4921-a96c-43c7-b2d1-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:33.000Z",
"modified": "2015-12-14T22:56:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '21.8.194.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4922-71fc-4ee4-b91d-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:34.000Z",
"modified": "2015-12-14T22:56:34.000Z",
"pattern": "[domain-name:value = 'detroportans.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4922-64f0-4581-8372-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:34.000Z",
"modified": "2015-12-14T22:56:34.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '42.107.140.147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4923-4b70-4e1a-9df5-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:35.000Z",
"modified": "2015-12-14T22:56:35.000Z",
"pattern": "[domain-name:value = 'directiculture.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4923-7400-49da-9611-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:35.000Z",
"modified": "2015-12-14T22:56:35.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.172.52.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4923-12d0-41f4-9548-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:35.000Z",
"modified": "2015-12-14T22:56:35.000Z",
"pattern": "[domain-name:value = 'directlyvast.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4924-906c-4980-a6a9-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:36.000Z",
"modified": "2015-12-14T22:56:36.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '227.248.14.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4924-5814-4e17-9521-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:36.000Z",
"modified": "2015-12-14T22:56:36.000Z",
"pattern": "[domain-name:value = 'dogmationation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4925-6408-4ced-9f21-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:37.000Z",
"modified": "2015-12-14T22:56:37.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.83.123.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4925-ebd0-4ce3-9daa-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:37.000Z",
"modified": "2015-12-14T22:56:37.000Z",
"pattern": "[domain-name:value = 'dynodns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4926-5af8-442a-b61b-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:38.000Z",
"modified": "2015-12-14T22:56:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '44.36.245.224']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4926-f170-4f1c-a1d0-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:38.000Z",
"modified": "2015-12-14T22:56:38.000Z",
"pattern": "[domain-name:value = 'enckfeld.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4926-37dc-4ff7-873c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:38.000Z",
"modified": "2015-12-14T22:56:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '168.23.171.69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4927-bff0-42ad-9dce-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:39.000Z",
"modified": "2015-12-14T22:56:39.000Z",
"pattern": "[domain-name:value = 'familyinteresting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4927-50a0-4968-ac7b-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:39.000Z",
"modified": "2015-12-14T22:56:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '204.37.98.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4928-88e8-456a-9577-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:40.000Z",
"modified": "2015-12-14T22:56:40.000Z",
"pattern": "[domain-name:value = 'fasternation.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4928-57c4-42fa-b346-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:40.000Z",
"modified": "2015-12-14T22:56:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '253.101.238.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4928-ce80-4589-9dd5-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:40.000Z",
"modified": "2015-12-14T22:56:40.000Z",
"pattern": "[domain-name:value = 'freewayreg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4929-a55c-4a09-a738-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:41.000Z",
"modified": "2015-12-14T22:56:41.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.75.201.33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4929-9624-4065-b010-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:41.000Z",
"modified": "2015-12-14T22:56:41.000Z",
"pattern": "[domain-name:value = 'headedpicked.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492a-6ef4-49f7-853b-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:42.000Z",
"modified": "2015-12-14T22:56:42.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '40.22.124.164']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492a-30f4-4d47-b599-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:42.000Z",
"modified": "2015-12-14T22:56:42.000Z",
"pattern": "[domain-name:value = 'headedpicked.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492b-7f34-46e2-aebc-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:43.000Z",
"modified": "2015-12-14T22:56:43.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '49.197.32.49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492b-6868-4990-ba9f-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:43.000Z",
"modified": "2015-12-14T22:56:43.000Z",
"pattern": "[domain-name:value = 'highlytraditional.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492b-5fe8-4926-8e02-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:43.000Z",
"modified": "2015-12-14T22:56:43.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.127.201.198']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492c-2814-4e9d-ad63-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:44.000Z",
"modified": "2015-12-14T22:56:44.000Z",
"pattern": "[domain-name:value = 'himmeding.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492c-ded8-4b5a-9304-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:44.000Z",
"modified": "2015-12-14T22:56:44.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.61.46.13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492d-819c-4959-b0d5-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:45.000Z",
"modified": "2015-12-14T22:56:45.000Z",
"pattern": "[domain-name:value = 'howeveraged.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492d-4ff0-4b17-a699-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:45.000Z",
"modified": "2015-12-14T22:56:45.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.136.214.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492d-0068-4aab-9c3e-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:45.000Z",
"modified": "2015-12-14T22:56:45.000Z",
"pattern": "[domain-name:value = 'hydroelection.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492e-dd18-4e79-8eab-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:46.000Z",
"modified": "2015-12-14T22:56:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '253.134.178.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492e-b3f8-4f60-8e8a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:46.000Z",
"modified": "2015-12-14T22:56:46.000Z",
"pattern": "[domain-name:value = 'illegedly.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492f-f9e8-4542-86f9-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:47.000Z",
"modified": "2015-12-14T22:56:47.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '106.8.16.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492f-6e54-43ad-81e4-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:47.000Z",
"modified": "2015-12-14T22:56:47.000Z",
"pattern": "[domain-name:value = 'imagesharehost.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f492f-5308-409f-985a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:47.000Z",
"modified": "2015-12-14T22:56:47.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '204.11.56.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4930-d58c-4945-ad45-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:48.000Z",
"modified": "2015-12-14T22:56:48.000Z",
"pattern": "[domain-name:value = 'leadwriting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4930-372c-4629-a1ab-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:48.000Z",
"modified": "2015-12-14T22:56:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.252.243.242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4931-7154-47a1-9f5e-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:49.000Z",
"modified": "2015-12-14T22:56:49.000Z",
"pattern": "[domain-name:value = 'meetinglimited.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4931-094c-4916-a929-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:49.000Z",
"modified": "2015-12-14T22:56:49.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.225.26.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4932-bd68-4ad6-a267-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:50.000Z",
"modified": "2015-12-14T22:56:50.000Z",
"pattern": "[domain-name:value = 'netdiscovery.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4932-46a4-4967-a92a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:50.000Z",
"modified": "2015-12-14T22:56:50.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '106.110.29.248']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4932-239c-43be-a948-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:50.000Z",
"modified": "2015-12-14T22:56:50.000Z",
"pattern": "[domain-name:value = 'picasootoolbar.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4933-1df4-4fc7-b844-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:51.000Z",
"modified": "2015-12-14T22:56:51.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '114.225.99.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4933-1794-477f-a1c9-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:51.000Z",
"modified": "2015-12-14T22:56:51.000Z",
"pattern": "[domain-name:value = 'piclbumestream.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4934-d908-45fd-86c4-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:52.000Z",
"modified": "2015-12-14T22:56:52.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.171.234.238']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4934-0cec-4196-9c93-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:52.000Z",
"modified": "2015-12-14T22:56:52.000Z",
"pattern": "[domain-name:value = 'postdone.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4934-f468-42f1-84d9-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:52.000Z",
"modified": "2015-12-14T22:56:52.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.116.56.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4935-1d94-4bcc-a29a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:53.000Z",
"modified": "2015-12-14T22:56:53.000Z",
"pattern": "[domain-name:value = 'ratilovskoye.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4935-2838-445d-be81-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:53.000Z",
"modified": "2015-12-14T22:56:53.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '102.209.206.89']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4936-fcfc-4318-8992-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:54.000Z",
"modified": "2015-12-14T22:56:54.000Z",
"pattern": "[domain-name:value = 'recising.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4936-c9e0-48e2-a6f3-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:54.000Z",
"modified": "2015-12-14T22:56:54.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '7.34.116.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4937-9a84-4b03-ab11-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:55.000Z",
"modified": "2015-12-14T22:56:55.000Z",
"pattern": "[domain-name:value = 'searchforthat.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4937-17b4-4f57-bb1c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:55.000Z",
"modified": "2015-12-14T22:56:55.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '38.155.216.69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4937-a8c0-4cf4-8f6a-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:55.000Z",
"modified": "2015-12-14T22:56:55.000Z",
"pattern": "[domain-name:value = 'sectionsfear.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4938-d854-4c56-b599-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:56.000Z",
"modified": "2015-12-14T22:56:56.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.251.60.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4938-1134-473e-bf82-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:56.000Z",
"modified": "2015-12-14T22:56:56.000Z",
"pattern": "[domain-name:value = 'separtila.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4939-8a3c-45e1-a288-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:57.000Z",
"modified": "2015-12-14T22:56:57.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.76.160.100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4939-1dd4-45a9-8c28-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:57.000Z",
"modified": "2015-12-14T22:56:57.000Z",
"pattern": "[domain-name:value = 'standardbay.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493a-2950-4a19-ad66-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:58.000Z",
"modified": "2015-12-14T22:56:58.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '100.134.242.235']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493a-0770-4742-90c8-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:58.000Z",
"modified": "2015-12-14T22:56:58.000Z",
"pattern": "[domain-name:value = 'streamingadv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493a-f480-462e-987d-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:58.000Z",
"modified": "2015-12-14T22:56:58.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '124.3.139.20']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493b-837c-4a28-be0c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:59.000Z",
"modified": "2015-12-14T22:56:59.000Z",
"pattern": "[domain-name:value = 'ternations.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493b-6f9c-44c4-a3cd-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:56:59.000Z",
"modified": "2015-12-14T22:56:59.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '25.20.33.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:56:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493c-c4d4-425f-b640-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:00.000Z",
"modified": "2015-12-14T22:57:00.000Z",
"pattern": "[domain-name:value = 'thomaslaid.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493c-9ed8-40a8-b025-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:00.000Z",
"modified": "2015-12-14T22:57:00.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '189.140.10.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493d-d99c-4ab0-ac8b-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:01.000Z",
"modified": "2015-12-14T22:57:01.000Z",
"pattern": "[domain-name:value = 'traffictradexpert.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493d-0dec-43da-9d7c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:01.000Z",
"modified": "2015-12-14T22:57:01.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '59.228.144.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493d-a4a0-4dea-a6ff-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:01.000Z",
"modified": "2015-12-14T22:57:01.000Z",
"pattern": "[domain-name:value = 'twicecitizens.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493e-39a0-411b-8cdf-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:02.000Z",
"modified": "2015-12-14T22:57:02.000Z",
"pattern": "[domain-name:value = 'veristats.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493e-10b4-456e-813d-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:02.000Z",
"modified": "2015-12-14T22:57:02.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '29.205.223.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493f-896c-40a7-876f-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:03.000Z",
"modified": "2015-12-14T22:57:03.000Z",
"pattern": "[domain-name:value = 'virtualsearches.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493f-1e18-4455-a47b-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:03.000Z",
"modified": "2015-12-14T22:57:03.000Z",
"pattern": "[domain-name:value = 'workerssan.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f493f-cf10-4cac-acec-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:03.000Z",
"modified": "2015-12-14T22:57:03.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.15.53.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4940-0f90-40a2-a186-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:04.000Z",
"modified": "2015-12-14T22:57:04.000Z",
"pattern": "[domain-name:value = 'yaltimate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4940-cbc0-4809-9558-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:04.000Z",
"modified": "2015-12-14T22:57:04.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '22.149.159.105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4941-be10-41f3-a73c-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:05.000Z",
"modified": "2015-12-14T22:57:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.62.211.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4941-8d9c-43fb-8914-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:05.000Z",
"modified": "2015-12-14T22:57:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.17.184.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4942-6748-48f4-8beb-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:06.000Z",
"modified": "2015-12-14T22:57:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '214.66.10.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4942-4e20-42df-8b92-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:06.000Z",
"modified": "2015-12-14T22:57:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.23.3.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4942-9390-4e12-9078-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:06.000Z",
"modified": "2015-12-14T22:57:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.23.3.244']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4943-1198-4243-9df9-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:07.000Z",
"modified": "2015-12-14T22:57:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.23.3.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4943-eb2c-4777-9228-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:07.000Z",
"modified": "2015-12-14T22:57:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '232.187.207.67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4944-0938-4d41-8c14-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:08.000Z",
"modified": "2015-12-14T22:57:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '26.252.164.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4944-5ce0-41fa-8855-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:08.000Z",
"modified": "2015-12-14T22:57:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '28.16.103.211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4945-eb80-4fd6-85b5-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:09.000Z",
"modified": "2015-12-14T22:57:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.212.68.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4945-e9c0-4410-9726-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:09.000Z",
"modified": "2015-12-14T22:57:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.109.28.248']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4945-7a10-466a-b35f-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:09.000Z",
"modified": "2015-12-14T22:57:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.109.28.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4946-520c-4e8c-8c97-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:10.000Z",
"modified": "2015-12-14T22:57:10.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.109.28.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4946-32cc-40e1-a3a8-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:10.000Z",
"modified": "2015-12-14T22:57:10.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.133.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4947-6110-46df-a4b4-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:11.000Z",
"modified": "2015-12-14T22:57:11.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.133.194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4947-a48c-48ba-a634-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:11.000Z",
"modified": "2015-12-14T22:57:11.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.172.227.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4947-c270-4f19-a6b0-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:11.000Z",
"modified": "2015-12-14T22:57:11.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.115.88.220']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4948-e190-4846-93fa-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:12.000Z",
"modified": "2015-12-14T22:57:12.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.240.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--566f4948-abdc-4d25-a330-a574950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:12.000Z",
"modified": "2015-12-14T22:57:12.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.240.194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-12-14T22:57:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--566f496c-d368-415d-aad6-ad1a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:57:48.000Z",
"modified": "2015-12-14T22:57:48.000Z",
"first_observed": "2015-12-14T22:57:48Z",
"last_observed": "2015-12-14T22:57:48Z",
"number_observed": 1,
"object_refs": [
"url--566f496c-d368-415d-aad6-ad1a950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--566f496c-d368-415d-aad6-ad1a950d210b",
"value": "https://malwrpost.wordpress.com/2015/12/03/ioc-from-ponmocup-malware-part-1/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--566f497a-c538-4970-94ed-7eb5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-12-14T22:58:02.000Z",
"modified": "2015-12-14T22:58:02.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Ponmocup"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink