misp-circl-feed/feeds/circl/stix-2.1/57b320b4-4e08-44aa-89b9-428a950d210f.json

723 lines
No EOL
29 KiB
JSON

{
"type": "bundle",
"id": "bundle--57b320b4-4e08-44aa-89b9-428a950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:32:28.000Z",
"modified": "2016-08-16T14:32:28.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57b320b4-4e08-44aa-89b9-428a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:32:28.000Z",
"modified": "2016-08-16T14:32:28.000Z",
"name": "Malspam 2016-08-16 (.wsf in .zip) - campaign: 'Blank 2'",
"published": "2016-08-17T07:33:26Z",
"object_refs": [
"indicator--57b320eb-a110-404f-87c2-49b7950d210f",
"indicator--57b320eb-a83c-4af8-8afe-4b99950d210f",
"indicator--57b320ec-1ef8-4bf6-8951-47e9950d210f",
"indicator--57b320ed-e7f4-488e-aba6-4546950d210f",
"indicator--57b320ed-9208-4808-a284-439f950d210f",
"indicator--57b320ee-8a14-4a2e-a912-42ad950d210f",
"indicator--57b320ee-c080-4dc9-ab8d-4f1c950d210f",
"indicator--57b320ee-74d4-4cd4-9769-4afd950d210f",
"indicator--57b320ef-4a38-4a70-912d-4037950d210f",
"indicator--57b320ef-94dc-4c75-92ae-420e950d210f",
"indicator--57b320f0-0650-4552-945f-4bbe950d210f",
"indicator--57b320f0-9fc0-47fc-90eb-4c48950d210f",
"indicator--57b320f1-99bc-49c0-a775-4875950d210f",
"indicator--57b320f1-1a64-42de-a759-47b3950d210f",
"indicator--57b32311-4068-4190-8f07-468c950d210f",
"indicator--57b32312-7224-44b5-a7a9-49a8950d210f",
"indicator--57b32312-aad8-4237-b937-4107950d210f",
"indicator--57b32312-2620-43cf-9c27-47a1950d210f",
"indicator--57b32313-ebb8-4d84-9f83-4189950d210f",
"indicator--57b32313-1b4c-4d93-868d-4c65950d210f",
"indicator--57b32313-15bc-4a0f-9871-4cff950d210f",
"indicator--57b32314-fc90-41f5-ba01-4017950d210f",
"indicator--57b32314-a5bc-4458-bfd8-423c950d210f",
"indicator--57b32314-8c18-42b5-803b-4cb9950d210f",
"indicator--57b32314-c348-409d-b5b1-4689950d210f",
"indicator--57b32315-ae0c-4549-a954-4ec2950d210f",
"observed-data--57b3233c-85c4-4f4e-afe4-44e5950d210f",
"email-message--57b3233c-85c4-4f4e-afe4-44e5950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320eb-a110-404f-87c2-49b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:23.000Z",
"modified": "2016-08-16T14:19:23.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.151.153.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320eb-a83c-4af8-8afe-4b99950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:23.000Z",
"modified": "2016-08-16T14:19:23.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ec-1ef8-4bf6-8951-47e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:24.000Z",
"modified": "2016-08-16T14:19:24.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.244.243.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ed-e7f4-488e-aba6-4546950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:25.000Z",
"modified": "2016-08-16T14:19:25.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.144.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ed-9208-4808-a284-439f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:25.000Z",
"modified": "2016-08-16T14:19:25.000Z",
"description": "download location",
"pattern": "[url:value = 'http://sp2.cba.pl/nJHbj0266b?hIeYfAIU=RlvjEYkyO']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ee-8a14-4a2e-a912-42ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:26.000Z",
"modified": "2016-08-16T14:19:26.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.ferienhaus-mesa.at/nJHbj0266b?bVNhynB=AiGSHMqkUH']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ee-c080-4dc9-ab8d-4f1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:26.000Z",
"modified": "2016-08-16T14:19:26.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.gcs-crostolo.it/nJHbj0266b?mfnIPUUMI=lYOSxK']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ee-74d4-4cd4-9769-4afd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:26.000Z",
"modified": "2016-08-16T14:19:26.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.lefaos.50webs.com/nJHbj0266b?EYywKnoMCqD=YlCTTo']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ef-4a38-4a70-912d-4037950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:27.000Z",
"modified": "2016-08-16T14:19:27.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.mediatoponline.it/nJHbj0266b?hzFFUHptoGJ=fWxaDgf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320ef-94dc-4c75-92ae-420e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:27.000Z",
"modified": "2016-08-16T14:19:27.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'sp2.cba.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320f0-0650-4552-945f-4bbe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:28.000Z",
"modified": "2016-08-16T14:19:28.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.ferienhaus-mesa.at']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320f0-9fc0-47fc-90eb-4c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:28.000Z",
"modified": "2016-08-16T14:19:28.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.gcs-crostolo.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320f1-99bc-49c0-a775-4875950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:29.000Z",
"modified": "2016-08-16T14:19:29.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.lefaos.50webs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b320f1-1a64-42de-a759-47b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:19:29.000Z",
"modified": "2016-08-16T14:19:29.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.mediatoponline.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:19:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32311-4068-4190-8f07-468c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:33.000Z",
"modified": "2016-08-16T14:28:33.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32312-7224-44b5-a7a9-49a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:34.000Z",
"modified": "2016-08-16T14:28:34.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.72.183.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32312-aad8-4237-b937-4107950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:34.000Z",
"modified": "2016-08-16T14:28:34.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.38.227.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32312-2620-43cf-9c27-47a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:34.000Z",
"modified": "2016-08-16T14:28:34.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'hoshiomi.yu-nagi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32313-ebb8-4d84-9f83-4189950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:35.000Z",
"modified": "2016-08-16T14:28:35.000Z",
"description": "download location",
"pattern": "[url:value = 'http://hoshiomi.yu-nagi.com/nJHbj0266b?hIeYfAIU=RlvjEYkyO']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32313-1b4c-4d93-868d-4c65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:35.000Z",
"modified": "2016-08-16T14:28:35.000Z",
"description": "download location",
"pattern": "[url:value = 'http://hoshiomi.yu-nagi.com/nJHbj0266b?hzFFUHptoGJ=fWxaDgf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32313-15bc-4a0f-9871-4cff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:35.000Z",
"modified": "2016-08-16T14:28:35.000Z",
"description": "download location",
"pattern": "[url:value = 'http://muznavolge.ru/nJHbj0266b?mfnIPUUMI=lYOSxK']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32314-fc90-41f5-ba01-4017950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:36.000Z",
"modified": "2016-08-16T14:28:36.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.gianlucaboezio.it./nJHbj0266b?bVNhynB=AiGSHMqkUH']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32314-a5bc-4458-bfd8-423c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:36.000Z",
"modified": "2016-08-16T14:28:36.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.greatidea.de/nJHbj0266b?hzFFUHptoGJ=fWxaDgf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32314-8c18-42b5-803b-4cb9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:36.000Z",
"modified": "2016-08-16T14:28:36.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'muznavolge.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32314-c348-409d-b5b1-4689950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:36.000Z",
"modified": "2016-08-16T14:28:36.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.gianlucaboezio.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b32315-ae0c-4549-a954-4ec2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:28:37.000Z",
"modified": "2016-08-16T14:28:37.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.greatidea.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-16T14:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57b3233c-85c4-4f4e-afe4-44e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-16T14:29:16.000Z",
"modified": "2016-08-16T14:29:16.000Z",
"first_observed": "2016-08-16T14:29:16Z",
"last_observed": "2016-08-16T14:29:16Z",
"number_observed": 1,
"object_refs": [
"email-message--57b3233c-85c4-4f4e-afe4-44e5950d210f"
],
"labels": [
"misp:type=\"email-subject\"",
"misp:category=\"Payload delivery\""
]
},
{
"type": "email-message",
"spec_version": "2.1",
"id": "email-message--57b3233c-85c4-4f4e-afe4-44e5950d210f",
"is_multipart": false,
"subject": "Blank 2"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}