misp-circl-feed/feeds/circl/stix-2.1/57b5adc4-9f48-4cb4-9a0b-4471950d210f.json


{
"type": "bundle",
"id": "bundle--57b5adc4-9f48-4cb4-9a0b-4471950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:49:24.000Z",
"modified": "2016-08-18T12:49:24.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57b5adc4-9f48-4cb4-9a0b-4471950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:49:24.000Z",
"modified": "2016-08-18T12:49:24.000Z",
"name": "Malspam 2016-08-18 (.wsf in .zip) - campaign: \"Emailing: Label\"",
"published": "2016-08-18T14:12:05Z",
"object_refs": [
"indicator--57b5adf6-4820-48ff-9a19-4dca950d210f",
"indicator--57b5adf6-3130-480c-ab96-4904950d210f",
"indicator--57b5adf6-9bb4-4a7c-b821-4aab950d210f",
"indicator--57b5adf6-6228-4762-a72c-47d0950d210f",
"indicator--57b5adf6-33a8-495d-b3bf-41cd950d210f",
"indicator--57b5adf7-14f0-4ef2-adb7-4f11950d210f",
"indicator--57b5adf7-1d70-4f73-b6f9-4804950d210f",
"indicator--57b5adf7-ecd0-4781-8d14-4a81950d210f",
"indicator--57b5adf7-a434-49bc-9955-4415950d210f",
"indicator--57b5ae06-c614-484f-b6bb-433d950d210f",
"indicator--57b5ae06-9994-4cb9-b0f5-4530950d210f",
"indicator--57b5ae06-6060-4943-86d4-4aab950d210f",
"indicator--57b5ae07-01f0-4a8f-ad1e-477f950d210f",
"indicator--57b5ae07-5a84-4e0f-8273-4bef950d210f",
"indicator--57b5ae07-3438-44a4-822d-46fe950d210f",
"indicator--57b5ae07-7374-427f-b571-45a4950d210f",
"indicator--57b5ae08-4a58-4a43-b305-4405950d210f",
"indicator--57b5ae25-5f38-4b1c-8a8a-4a04950d210f",
"indicator--57b5ae26-ef78-44a0-b564-4009950d210f",
"indicator--57b5ae26-b860-406c-8190-4015950d210f",
"indicator--57b5ae26-5c90-4569-8843-4b58950d210f",
"indicator--57b5ae26-00ac-4768-82ad-46d9950d210f",
"observed-data--57b5ae6d-c600-4ecd-a842-4fab950d210f",
"email-message--57b5ae6d-c600-4ecd-a842-4fab950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf6-4820-48ff-9a19-4dca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:42.000Z",
"modified": "2016-08-18T12:45:42.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cs-czosnusie.cba.pl/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf6-3130-480c-ab96-4904950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:42.000Z",
"modified": "2016-08-18T12:45:42.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cs-czosnusie.cba.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf6-9bb4-4a7c-b821-4aab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:42.000Z",
"modified": "2016-08-18T12:45:42.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.144.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf6-6228-4762-a72c-47d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:42.000Z",
"modified": "2016-08-18T12:45:42.000Z",
"description": "download location",
"pattern": "[url:value = 'http://entree22.homepage.t-online.de/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf6-33a8-495d-b3bf-41cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:42.000Z",
"modified": "2016-08-18T12:45:42.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'entree22.homepage.t-online.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf7-14f0-4ef2-adb7-4f11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:43.000Z",
"modified": "2016-08-18T12:45:43.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf7-1d70-4f73-b6f9-4804950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:43.000Z",
"modified": "2016-08-18T12:45:43.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.ceccatobassano.it/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf7-ecd0-4781-8d14-4a81950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:43.000Z",
"modified": "2016-08-18T12:45:43.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.ceccatobassano.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5adf7-a434-49bc-9955-4415950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:43.000Z",
"modified": "2016-08-18T12:45:43.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae06-c614-484f-b6bb-433d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:58.000Z",
"modified": "2016-08-18T12:45:58.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.unice.it/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae06-9994-4cb9-b0f5-4530950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:58.000Z",
"modified": "2016-08-18T12:45:58.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.unice.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae06-6060-4943-86d4-4aab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:58.000Z",
"modified": "2016-08-18T12:45:58.000Z",
"description": "download location",
"pattern": "[url:value = 'http://detlevs-homepage.de/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae07-01f0-4a8f-ad1e-477f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:59.000Z",
"modified": "2016-08-18T12:45:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'detlevs-homepage.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae07-5a84-4e0f-8273-4bef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:59.000Z",
"modified": "2016-08-18T12:45:59.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae07-3438-44a4-822d-46fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:59.000Z",
"modified": "2016-08-18T12:45:59.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.beneli.be/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae07-7374-427f-b571-45a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:45:59.000Z",
"modified": "2016-08-18T12:45:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.beneli.be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:45:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae08-4a58-4a43-b305-4405950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:00.000Z",
"modified": "2016-08-18T12:46:00.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.130.132.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae25-5f38-4b1c-8a8a-4a04950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:29.000Z",
"modified": "2016-08-18T12:46:29.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.alexpalmieri.com/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae26-ef78-44a0-b564-4009950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:30.000Z",
"modified": "2016-08-18T12:46:30.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.alexpalmieri.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae26-b860-406c-8190-4015950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:30.000Z",
"modified": "2016-08-18T12:46:30.000Z",
"description": "download location",
"pattern": "[url:value = 'http://a-plusrijopleiding.nl/jkYTFhb7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae26-5c90-4569-8843-4b58950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:30.000Z",
"modified": "2016-08-18T12:46:30.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'a-plusrijopleiding.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b5ae26-00ac-4768-82ad-46d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:46:30.000Z",
"modified": "2016-08-18T12:46:30.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.129.139.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-08-18T12:46:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57b5ae6d-c600-4ecd-a842-4fab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-08-18T12:47:41.000Z",
"modified": "2016-08-18T12:47:41.000Z",
"first_observed": "2016-08-18T12:47:41Z",
"last_observed": "2016-08-18T12:47:41Z",
"number_observed": 1,
"object_refs": [
"email-message--57b5ae6d-c600-4ecd-a842-4fab950d210f"
],
"labels": [
"misp:type=\"email-subject\"",
"misp:category=\"Payload delivery\""
]
},
{
"type": "email-message",
"spec_version": "2.1",
"id": "email-message--57b5ae6d-c600-4ecd-a842-4fab950d210f",
"is_multipart": false,
"subject": "Emailing: Labe"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}