3696 lines
No EOL
149 KiB
JSON
3696 lines
No EOL
149 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--57c7d398-3440-41b9-8339-4e1e950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:09:59.000Z",
|
|
"modified": "2016-09-01T07:09:59.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--57c7d398-3440-41b9-8339-4e1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:09:59.000Z",
|
|
"modified": "2016-09-01T07:09:59.000Z",
|
|
"name": "Malspam 2016-09-01 (.js in .zip) - campaign: \"flight tickets\"",
|
|
"published": "2016-09-01T07:10:33Z",
|
|
"object_refs": [
|
|
"indicator--57c7d3e6-5b94-48ca-912b-4cd1950d210f",
|
|
"indicator--57c7d3e7-d8e4-4ab4-a939-4d43950d210f",
|
|
"indicator--57c7d3e7-6bb8-40da-ac3a-44ce950d210f",
|
|
"indicator--57c7d3e7-f8ec-4671-a3b7-4d9e950d210f",
|
|
"indicator--57c7d3e7-2e30-4600-93a1-4716950d210f",
|
|
"indicator--57c7d3e7-2608-4fe3-ab42-41c2950d210f",
|
|
"indicator--57c7d3e8-9840-4703-888a-42b2950d210f",
|
|
"indicator--57c7d3e8-d12c-4ea7-8503-4dcc950d210f",
|
|
"indicator--57c7d3e8-d830-47e4-9b62-43b7950d210f",
|
|
"indicator--57c7d3e8-96c4-4f7d-a5fd-441a950d210f",
|
|
"indicator--57c7d3e9-cbac-4691-bc15-4723950d210f",
|
|
"indicator--57c7d3e9-340c-48e9-8b68-4246950d210f",
|
|
"indicator--57c7d3e9-3488-4c61-bca2-4967950d210f",
|
|
"indicator--57c7d3e9-5e1c-4911-8153-4160950d210f",
|
|
"indicator--57c7d3e9-c654-4543-8ff6-4e0a950d210f",
|
|
"indicator--57c7d3ea-e174-452d-bd53-47a9950d210f",
|
|
"indicator--57c7d3ea-1c88-4a99-919d-4799950d210f",
|
|
"indicator--57c7d3ea-6f58-449e-9668-40a6950d210f",
|
|
"indicator--57c7d3ea-1830-493c-bedc-4b0e950d210f",
|
|
"indicator--57c7d3ea-1974-4696-b64f-4ca1950d210f",
|
|
"indicator--57c7d3eb-af04-473d-a179-4fc1950d210f",
|
|
"indicator--57c7d3eb-d118-4d30-93d1-406d950d210f",
|
|
"indicator--57c7d3eb-37c0-4a97-b650-4ff8950d210f",
|
|
"indicator--57c7d3eb-50dc-4c1c-8ed7-4855950d210f",
|
|
"indicator--57c7d3ec-1468-4f88-8007-4df8950d210f",
|
|
"indicator--57c7d3ec-80f8-43ab-8703-4343950d210f",
|
|
"indicator--57c7d3ec-ad84-48bd-924f-491c950d210f",
|
|
"indicator--57c7d3ec-7c40-40ca-9629-4eb6950d210f",
|
|
"indicator--57c7d3ec-1e50-4275-8e17-44fc950d210f",
|
|
"indicator--57c7d3ed-a064-477d-ab61-4883950d210f",
|
|
"indicator--57c7d3ed-3e54-4f02-b301-4f5b950d210f",
|
|
"indicator--57c7d3ed-9198-4a7e-98f6-4a23950d210f",
|
|
"indicator--57c7d3ed-95e4-411a-900b-4dd7950d210f",
|
|
"indicator--57c7d3ee-8ff8-40c9-862c-4b8d950d210f",
|
|
"indicator--57c7d3ee-69e4-4e52-98d0-40b3950d210f",
|
|
"indicator--57c7d3ee-7534-4fd7-a0de-443d950d210f",
|
|
"indicator--57c7d3ee-36a8-4b14-9765-4707950d210f",
|
|
"indicator--57c7d3ee-efc4-47f4-807d-4678950d210f",
|
|
"indicator--57c7d3ef-3398-4323-8d5c-43c0950d210f",
|
|
"indicator--57c7d3ef-af18-46d9-9bc3-466d950d210f",
|
|
"indicator--57c7d3ef-81fc-4f13-a862-4c18950d210f",
|
|
"indicator--57c7d3ef-b3f8-405a-a5ad-465c950d210f",
|
|
"indicator--57c7d3f0-bf70-4f7e-9f70-42be950d210f",
|
|
"indicator--57c7d3f0-8ec8-4684-b098-4135950d210f",
|
|
"indicator--57c7d3f0-ef98-4d80-b748-4323950d210f",
|
|
"indicator--57c7d3f0-c2d0-4481-a798-486b950d210f",
|
|
"indicator--57c7d3f0-6488-469a-b176-4845950d210f",
|
|
"indicator--57c7d3f1-de40-4367-9737-4099950d210f",
|
|
"indicator--57c7d3f1-b730-4df1-b9ad-453f950d210f",
|
|
"indicator--57c7d3f1-b0b8-4027-9f87-4585950d210f",
|
|
"indicator--57c7d3f1-6914-46cb-bbcf-421e950d210f",
|
|
"indicator--57c7d3f1-2e04-4db0-8c8a-4f5f950d210f",
|
|
"indicator--57c7d3f2-0194-4fd4-85a2-4721950d210f",
|
|
"indicator--57c7d3f2-e1d0-4b8f-aad5-43dd950d210f",
|
|
"indicator--57c7d3f2-df48-4aae-8144-40d7950d210f",
|
|
"indicator--57c7d3f2-a104-463c-8909-45c6950d210f",
|
|
"indicator--57c7d3f2-9d50-49e1-a472-4772950d210f",
|
|
"indicator--57c7d3f3-55ec-4701-a550-4dbb950d210f",
|
|
"indicator--57c7d3f3-f820-4199-bf3d-461f950d210f",
|
|
"indicator--57c7d3f3-5be0-4bbc-82c0-41ef950d210f",
|
|
"indicator--57c7d3f3-0740-4cd8-aeed-430b950d210f",
|
|
"indicator--57c7d3f4-8068-4213-ab95-41f8950d210f",
|
|
"indicator--57c7d3f4-5e94-4268-81f8-4f4c950d210f",
|
|
"indicator--57c7d3f4-b1e0-49b4-a1a5-4866950d210f",
|
|
"indicator--57c7d3f4-dc70-4051-87cd-45de950d210f",
|
|
"indicator--57c7d3f4-95f0-4a14-9f53-4cfd950d210f",
|
|
"indicator--57c7d3f5-6fb4-41c9-93c8-49f3950d210f",
|
|
"indicator--57c7d3f5-601c-4301-a503-4d92950d210f",
|
|
"indicator--57c7d3f5-4444-4a6c-9dbd-4542950d210f",
|
|
"indicator--57c7d3f5-3054-411b-baf9-4138950d210f",
|
|
"indicator--57c7d3f5-c82c-42a0-b8eb-4d74950d210f",
|
|
"indicator--57c7d3f6-10b4-4972-867a-4031950d210f",
|
|
"indicator--57c7d3f6-bed0-4f71-9b1d-401f950d210f",
|
|
"indicator--57c7d3f6-3058-448c-878b-491f950d210f",
|
|
"indicator--57c7d3f6-bfd4-49a5-87b1-4869950d210f",
|
|
"indicator--57c7d3f7-ab80-4bf5-a24e-481b950d210f",
|
|
"indicator--57c7d3f7-bd44-48a5-aa06-4c87950d210f",
|
|
"indicator--57c7d3f7-e89c-4420-8047-491e950d210f",
|
|
"indicator--57c7d3f7-3ec4-4f76-9003-4295950d210f",
|
|
"indicator--57c7d3f7-48f4-4d01-9cf2-4f77950d210f",
|
|
"indicator--57c7d3f8-2dd4-44b8-bb82-4290950d210f",
|
|
"indicator--57c7d3f8-a4a4-4876-b8ef-466f950d210f",
|
|
"indicator--57c7d3f8-48d4-46b2-9a8a-4144950d210f",
|
|
"indicator--57c7d3f8-8144-407e-9ef4-4cd8950d210f",
|
|
"indicator--57c7d3f9-9284-487b-b729-4cc4950d210f",
|
|
"indicator--57c7d3f9-0b40-4e59-98f9-4258950d210f",
|
|
"indicator--57c7d3f9-3e3c-488f-887b-45c0950d210f",
|
|
"indicator--57c7d3f9-d8a0-4b12-9c7d-4d28950d210f",
|
|
"indicator--57c7d3f9-e3bc-472d-932e-465f950d210f",
|
|
"indicator--57c7d3fa-57f4-4016-ae83-44ff950d210f",
|
|
"indicator--57c7d3fa-ff0c-4840-91c5-4b4e950d210f",
|
|
"indicator--57c7d3fa-288c-4b1f-b78b-4d2b950d210f",
|
|
"indicator--57c7d3fa-720c-4f5f-ba06-4381950d210f",
|
|
"indicator--57c7d3fb-8de8-406e-bc7c-44b4950d210f",
|
|
"indicator--57c7d3fb-78f8-4a4c-8d60-4d5e950d210f",
|
|
"indicator--57c7d3fb-d4e8-454b-bce4-43ff950d210f",
|
|
"indicator--57c7d3fb-6650-4701-abbe-4bbd950d210f",
|
|
"indicator--57c7d3fb-3cf8-4daa-9324-449a950d210f",
|
|
"indicator--57c7d3fc-fd0c-4442-b557-4391950d210f",
|
|
"indicator--57c7d3fc-c884-4a7e-881e-4d31950d210f",
|
|
"indicator--57c7d3fc-99e4-4f13-90d4-4eb1950d210f",
|
|
"indicator--57c7d3fc-7440-4916-b99b-42a4950d210f",
|
|
"indicator--57c7d3fd-5d0c-463d-a195-46f8950d210f",
|
|
"indicator--57c7d3fd-ee80-4f31-87be-49e6950d210f",
|
|
"indicator--57c7d3fd-f530-4118-ac5e-4180950d210f",
|
|
"indicator--57c7d3fd-1f54-4da5-ac1e-4f9a950d210f",
|
|
"indicator--57c7d3fd-e8f4-45f2-979a-4ce6950d210f",
|
|
"indicator--57c7d3fe-27e8-4504-a3c8-466c950d210f",
|
|
"indicator--57c7d3fe-edb0-4678-b76b-41a3950d210f",
|
|
"indicator--57c7d3fe-40ec-4d4e-b036-4571950d210f",
|
|
"indicator--57c7d3fe-bfdc-4e0b-b002-4fab950d210f",
|
|
"indicator--57c7d3fe-a580-4dc7-83be-4895950d210f",
|
|
"indicator--57c7d3ff-8270-462c-9b45-4f7b950d210f",
|
|
"indicator--57c7d3ff-29c4-48ac-9a5b-47e9950d210f",
|
|
"indicator--57c7d3ff-e12c-4ecd-b0c4-4369950d210f",
|
|
"indicator--57c7d3ff-650c-4504-91a3-472e950d210f",
|
|
"indicator--57c7d400-de74-445a-ba4b-4d45950d210f",
|
|
"indicator--57c7d400-6970-4103-802c-4dcf950d210f",
|
|
"indicator--57c7d400-ba70-4046-858c-4c86950d210f",
|
|
"indicator--57c7d400-fb98-423d-97cc-49b3950d210f",
|
|
"indicator--57c7d400-de00-4753-b6a7-44b5950d210f",
|
|
"indicator--57c7d401-5b20-435c-a874-435a950d210f",
|
|
"indicator--57c7d401-5900-4f96-ad95-4655950d210f",
|
|
"indicator--57c7d401-6ed4-43b9-97cc-4d4f950d210f",
|
|
"indicator--57c7d401-c174-44e8-b828-4697950d210f",
|
|
"indicator--57c7d401-93ac-49df-8c69-404f950d210f",
|
|
"indicator--57c7d402-12a4-4aad-b560-4ec4950d210f",
|
|
"indicator--57c7d402-67c0-44df-a947-41f3950d210f",
|
|
"indicator--57c7d402-f4a8-4aaa-8ea9-41ad950d210f",
|
|
"indicator--57c7d402-6008-49d8-942f-4cf5950d210f",
|
|
"indicator--57c7d403-8870-46f0-a07c-4bb6950d210f",
|
|
"indicator--57c7d403-cfc4-4155-8611-419f950d210f",
|
|
"indicator--57c7d403-5338-4aaf-83a6-4a0a950d210f",
|
|
"indicator--57c7d403-8a0c-4a98-b242-4aa4950d210f",
|
|
"indicator--57c7d403-fdd4-4a88-abf0-4df0950d210f",
|
|
"indicator--57c7d404-c1f0-4eff-9447-469f950d210f",
|
|
"indicator--57c7d404-0f60-4ce5-a151-4f69950d210f",
|
|
"indicator--57c7d404-1c94-43c6-bedd-4adc950d210f",
|
|
"indicator--57c7d404-6390-437b-89a1-4436950d210f",
|
|
"indicator--57c7d405-69e8-4110-8cde-459a950d210f",
|
|
"indicator--57c7d405-e4e8-46a1-bd16-42ae950d210f",
|
|
"indicator--57c7d405-f768-49b3-a075-4a7a950d210f",
|
|
"indicator--57c7d405-0d70-4f2e-a5ca-4907950d210f",
|
|
"indicator--57c7d405-279c-4369-8b94-4f86950d210f",
|
|
"indicator--57c7d406-9468-49ff-a552-4eb6950d210f",
|
|
"indicator--57c7d406-6734-4640-8b73-4bb5950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"circl:incident-classification=\"malware\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e6-5b94-48ca-912b-4cd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:22.000Z",
|
|
"modified": "2016-09-01T07:08:22.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://mambarambaro.ws/0kuhj']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e7-d8e4-4ab4-a939-4d43950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:23.000Z",
|
|
"modified": "2016-09-01T07:08:23.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'mambarambaro.ws']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e7-6bb8-40da-ac3a-44ce950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:23.000Z",
|
|
"modified": "2016-09-01T07:08:23.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.69.147.88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e7-f8ec-4671-a3b7-4d9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:23.000Z",
|
|
"modified": "2016-09-01T07:08:23.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://timetobuymlw.in/1x3xiq5i']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e7-2e30-4600-93a1-4716950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:23.000Z",
|
|
"modified": "2016-09-01T07:08:23.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'timetobuymlw.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e7-2608-4fe3-ab42-41c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:23.000Z",
|
|
"modified": "2016-09-01T07:08:23.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.99.111.28']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e8-9840-4703-888a-42b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:24.000Z",
|
|
"modified": "2016-09-01T07:08:24.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://virmalw.name/31fwt4cs']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e8-d12c-4ea7-8503-4dcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:24.000Z",
|
|
"modified": "2016-09-01T07:08:24.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'virmalw.name']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e8-d830-47e4-9b62-43b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:24.000Z",
|
|
"modified": "2016-09-01T07:08:24.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.luigigiordano.org/njkg8j']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e8-96c4-4f7d-a5fd-441a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:24.000Z",
|
|
"modified": "2016-09-01T07:08:24.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.luigigiordano.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e9-cbac-4691-bc15-4723950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:25.000Z",
|
|
"modified": "2016-09-01T07:08:25.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.205.40.169']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e9-340c-48e9-8b68-4246950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:25.000Z",
|
|
"modified": "2016-09-01T07:08:25.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://w07q93g5g.homepage.t-online.de/b20pqog6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e9-3488-4c61-bca2-4967950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:25.000Z",
|
|
"modified": "2016-09-01T07:08:25.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'w07q93g5g.homepage.t-online.de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e9-5e1c-4911-8153-4160950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:25.000Z",
|
|
"modified": "2016-09-01T07:08:25.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.150.6.138']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3e9-c654-4543-8ff6-4e0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:25.000Z",
|
|
"modified": "2016-09-01T07:08:25.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://bookinghotworld.ws/03o9ztt']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ea-e174-452d-bd53-47a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:26.000Z",
|
|
"modified": "2016-09-01T07:08:26.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'bookinghotworld.ws']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ea-1c88-4a99-919d-4799950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:26.000Z",
|
|
"modified": "2016-09-01T07:08:26.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://a-tconsulting.co.uk/jjn76fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ea-6f58-449e-9668-40a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:26.000Z",
|
|
"modified": "2016-09-01T07:08:26.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'a-tconsulting.co.uk']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ea-1830-493c-bedc-4b0e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:26.000Z",
|
|
"modified": "2016-09-01T07:08:26.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.159.9.91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ea-1974-4696-b64f-4ca1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:26.000Z",
|
|
"modified": "2016-09-01T07:08:26.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://malwinstall.wang/0b9zg']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3eb-af04-473d-a179-4fc1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:27.000Z",
|
|
"modified": "2016-09-01T07:08:27.000Z",
|
|
"description": "download location",
|
|
"pattern": "[file:name = 'malwinstall.wang']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3eb-d118-4d30-93d1-406d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:27.000Z",
|
|
"modified": "2016-09-01T07:08:27.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://aromas-naturales.50webs.com/87bou8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3eb-37c0-4a97-b650-4ff8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:27.000Z",
|
|
"modified": "2016-09-01T07:08:27.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'aromas-naturales.50webs.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3eb-50dc-4c1c-8ed7-4855950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:27.000Z",
|
|
"modified": "2016-09-01T07:08:27.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.117']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ec-1468-4f88-8007-4df8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:28.000Z",
|
|
"modified": "2016-09-01T07:08:28.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://powermax.ru/fqte8le']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ec-80f8-43ab-8703-4343950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:28.000Z",
|
|
"modified": "2016-09-01T07:08:28.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'powermax.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ec-ad84-48bd-924f-491c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:28.000Z",
|
|
"modified": "2016-09-01T07:08:28.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.189.197.56']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ec-7c40-40ca-9629-4eb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:28.000Z",
|
|
"modified": "2016-09-01T07:08:28.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.download.extraslot.ru/hvuns']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ec-1e50-4275-8e17-44fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:28.000Z",
|
|
"modified": "2016-09-01T07:08:28.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.download.extraslot.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ed-a064-477d-ab61-4883950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:29.000Z",
|
|
"modified": "2016-09-01T07:08:29.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.173.139.197']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ed-3e54-4f02-b301-4f5b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:29.000Z",
|
|
"modified": "2016-09-01T07:08:29.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://stiopka.atspace.com/7k5i3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ed-9198-4a7e-98f6-4a23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:29.000Z",
|
|
"modified": "2016-09-01T07:08:29.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'stiopka.atspace.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ed-95e4-411a-900b-4dd7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:29.000Z",
|
|
"modified": "2016-09-01T07:08:29.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.197.131.109']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ee-8ff8-40c9-862c-4b8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:30.000Z",
|
|
"modified": "2016-09-01T07:08:30.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://sonaeyou1.web.fc2.com/vfzrxb9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ee-69e4-4e52-98d0-40b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:30.000Z",
|
|
"modified": "2016-09-01T07:08:30.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'sonaeyou1.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ee-7534-4fd7-a0de-443d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:30.000Z",
|
|
"modified": "2016-09-01T07:08:30.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ee-36a8-4b14-9765-4707950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:30.000Z",
|
|
"modified": "2016-09-01T07:08:30.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://yhinas.hanagumori.com/31fwt4cs']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ee-efc4-47f4-807d-4678950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:30.000Z",
|
|
"modified": "2016-09-01T07:08:30.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'yhinas.hanagumori.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ef-3398-4323-8d5c-43c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:31.000Z",
|
|
"modified": "2016-09-01T07:08:31.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.42.29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ef-af18-46d9-9bc3-466d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:31.000Z",
|
|
"modified": "2016-09-01T07:08:31.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.assonet.org/3dhsh']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ef-81fc-4f13-a862-4c18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:31.000Z",
|
|
"modified": "2016-09-01T07:08:31.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.assonet.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ef-b3f8-405a-a5ad-465c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:31.000Z",
|
|
"modified": "2016-09-01T07:08:31.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.78.215.76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f0-bf70-4f7e-9f70-42be950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:32.000Z",
|
|
"modified": "2016-09-01T07:08:32.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://simo62.web.fc2.com/yywcdpbu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f0-8ec8-4684-b098-4135950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:32.000Z",
|
|
"modified": "2016-09-01T07:08:32.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'simo62.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f0-ef98-4d80-b748-4323950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:32.000Z",
|
|
"modified": "2016-09-01T07:08:32.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f0-c2d0-4481-a798-486b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:32.000Z",
|
|
"modified": "2016-09-01T07:08:32.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://rakutenjapan.web.fc2.com/hwhi3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f0-6488-469a-b176-4845950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:32.000Z",
|
|
"modified": "2016-09-01T07:08:32.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'rakutenjapan.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f1-de40-4367-9737-4099950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:33.000Z",
|
|
"modified": "2016-09-01T07:08:33.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f1-b730-4df1-b9ad-453f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:33.000Z",
|
|
"modified": "2016-09-01T07:08:33.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.avisgibellina.it/k6h6i7we']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f1-b0b8-4027-9f87-4585950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:33.000Z",
|
|
"modified": "2016-09-01T07:08:33.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.avisgibellina.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f1-6914-46cb-bbcf-421e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:33.000Z",
|
|
"modified": "2016-09-01T07:08:33.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://footballsoccerdvd.web.fc2.com/54u78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f1-2e04-4db0-8c8a-4f5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:33.000Z",
|
|
"modified": "2016-09-01T07:08:33.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'footballsoccerdvd.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f2-0194-4fd4-85a2-4721950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:34.000Z",
|
|
"modified": "2016-09-01T07:08:34.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.41']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f2-e1d0-4b8f-aad5-43dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:34.000Z",
|
|
"modified": "2016-09-01T07:08:34.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.redanchemical.com/dtzg24s']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f2-df48-4aae-8144-40d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:34.000Z",
|
|
"modified": "2016-09-01T07:08:34.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.redanchemical.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f2-a104-463c-8909-45c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:34.000Z",
|
|
"modified": "2016-09-01T07:08:34.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.itogazaidan.jp/hnnencdd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f2-9d50-49e1-a472-4772950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:34.000Z",
|
|
"modified": "2016-09-01T07:08:34.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.itogazaidan.jp']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f3-55ec-4701-a550-4dbb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:35.000Z",
|
|
"modified": "2016-09-01T07:08:35.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.161.160.157']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f3-f820-4199-bf3d-461f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:35.000Z",
|
|
"modified": "2016-09-01T07:08:35.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://roger.pierrieau.perso.sfr.fr/68d8ti']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f3-5be0-4bbc-82c0-41ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:35.000Z",
|
|
"modified": "2016-09-01T07:08:35.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'roger.pierrieau.perso.sfr.fr']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f3-0740-4cd8-aeed-430b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:35.000Z",
|
|
"modified": "2016-09-01T07:08:35.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.65.123.70']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f4-8068-4213-ab95-41f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:36.000Z",
|
|
"modified": "2016-09-01T07:08:36.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.hotelancorariviera.com/tm0pnjrq']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f4-5e94-4268-81f8-4f4c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:36.000Z",
|
|
"modified": "2016-09-01T07:08:36.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.hotelancorariviera.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f4-b1e0-49b4-a1a5-4866950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:36.000Z",
|
|
"modified": "2016-09-01T07:08:36.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.158.72.90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f4-dc70-4051-87cd-45de950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:36.000Z",
|
|
"modified": "2016-09-01T07:08:36.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://72.47.222.40/~princeton/59h385']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f4-95f0-4a14-9f53-4cfd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:36.000Z",
|
|
"modified": "2016-09-01T07:08:36.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.47.222.40']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f5-6fb4-41c9-93c8-49f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:37.000Z",
|
|
"modified": "2016-09-01T07:08:37.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://members.chello.at/~ferencs/oqqqu2ih']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f5-601c-4301-a503-4d92950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:37.000Z",
|
|
"modified": "2016-09-01T07:08:37.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'members.chello.at']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f5-4444-4a6c-9dbd-4542950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:37.000Z",
|
|
"modified": "2016-09-01T07:08:37.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.109.240.79']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f5-3054-411b-baf9-4138950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:37.000Z",
|
|
"modified": "2016-09-01T07:08:37.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://nibis.de/~ffsstade/53s67f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f5-c82c-42a0-b8eb-4d74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:37.000Z",
|
|
"modified": "2016-09-01T07:08:37.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'nibis.de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f6-10b4-4972-867a-4031950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:38.000Z",
|
|
"modified": "2016-09-01T07:08:38.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.23.76.90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f6-bed0-4f71-9b1d-401f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:38.000Z",
|
|
"modified": "2016-09-01T07:08:38.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://user22393.vs.easily.co.uk/rq758n']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f6-3058-448c-878b-491f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:38.000Z",
|
|
"modified": "2016-09-01T07:08:38.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'user22393.vs.easily.co.uk']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f6-bfd4-49a5-87b1-4869950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:38.000Z",
|
|
"modified": "2016-09-01T07:08:38.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.194.151.38']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f7-ab80-4bf5-a24e-481b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:39.000Z",
|
|
"modified": "2016-09-01T07:08:39.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://files.renderings.com/xyj4yct']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f7-bd44-48a5-aa06-4c87950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:39.000Z",
|
|
"modified": "2016-09-01T07:08:39.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'files.renderings.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f7-e89c-4420-8047-491e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:39.000Z",
|
|
"modified": "2016-09-01T07:08:39.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '98.129.229.24']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f7-3ec4-4f76-9003-4295950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:39.000Z",
|
|
"modified": "2016-09-01T07:08:39.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.francogatta.it/npoa0lzw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f7-48f4-4d01-9cf2-4f77950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:39.000Z",
|
|
"modified": "2016-09-01T07:08:39.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.francogatta.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f8-2dd4-44b8-bb82-4290950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:40.000Z",
|
|
"modified": "2016-09-01T07:08:40.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.engware.it/bqf58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f8-a4a4-4876-b8ef-466f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:40.000Z",
|
|
"modified": "2016-09-01T07:08:40.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.engware.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f8-48d4-46b2-9a8a-4144950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:40.000Z",
|
|
"modified": "2016-09-01T07:08:40.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.themccrarys.us/p4xx86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f8-8144-407e-9ef4-4cd8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:40.000Z",
|
|
"modified": "2016-09-01T07:08:40.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.themccrarys.us']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f9-9284-487b-b729-4cc4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:41.000Z",
|
|
"modified": "2016-09-01T07:08:41.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f9-0b40-4e59-98f9-4258950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:41.000Z",
|
|
"modified": "2016-09-01T07:08:41.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://higashikurumesc.web.fc2.com/z3h30dd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f9-3e3c-488f-887b-45c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:41.000Z",
|
|
"modified": "2016-09-01T07:08:41.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'higashikurumesc.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f9-d8a0-4b12-9c7d-4d28950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:41.000Z",
|
|
"modified": "2016-09-01T07:08:41.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3f9-e3bc-472d-932e-465f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:41.000Z",
|
|
"modified": "2016-09-01T07:08:41.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://kabunews.web.fc2.com/y5i8r']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fa-57f4-4016-ae83-44ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:42.000Z",
|
|
"modified": "2016-09-01T07:08:42.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'kabunews.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fa-ff0c-4840-91c5-4b4e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:42.000Z",
|
|
"modified": "2016-09-01T07:08:42.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fa-288c-4b1f-b78b-4d2b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:42.000Z",
|
|
"modified": "2016-09-01T07:08:42.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://reaktywacja.pawlov.cba.pl/87zji']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fa-720c-4f5f-ba06-4381950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:42.000Z",
|
|
"modified": "2016-09-01T07:08:42.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'reaktywacja.pawlov.cba.pl']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fb-8de8-406e-bc7c-44b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:43.000Z",
|
|
"modified": "2016-09-01T07:08:43.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.144.65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fb-78f8-4a4c-8d60-4d5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:43.000Z",
|
|
"modified": "2016-09-01T07:08:43.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://instalserie.pt/ofagf4n5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fb-d4e8-454b-bce4-43ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:43.000Z",
|
|
"modified": "2016-09-01T07:08:43.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'instalserie.pt']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fb-6650-4701-abbe-4bbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:43.000Z",
|
|
"modified": "2016-09-01T07:08:43.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.88.57.70']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fb-3cf8-4daa-9324-449a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:43.000Z",
|
|
"modified": "2016-09-01T07:08:43.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://nkbzryw.republika.pl/j6nl9gm']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fc-fd0c-4442-b557-4391950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:44.000Z",
|
|
"modified": "2016-09-01T07:08:44.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'nkbzryw.republika.pl']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fc-c884-4a7e-881e-4d31950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:44.000Z",
|
|
"modified": "2016-09-01T07:08:44.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.180.150.17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fc-99e4-4f13-90d4-4eb1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:44.000Z",
|
|
"modified": "2016-09-01T07:08:44.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.francescafraioli.it/pzwnpmmy']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fc-7440-4916-b99b-42a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:44.000Z",
|
|
"modified": "2016-09-01T07:08:44.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.francescafraioli.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fd-5d0c-463d-a195-46f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:45.000Z",
|
|
"modified": "2016-09-01T07:08:45.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.apmmc.it/u2d1j']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fd-ee80-4f31-87be-49e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:45.000Z",
|
|
"modified": "2016-09-01T07:08:45.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.apmmc.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fd-f530-4118-ac5e-4180950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:45.000Z",
|
|
"modified": "2016-09-01T07:08:45.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.73.225.20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fd-1f54-4da5-ac1e-4f9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:45.000Z",
|
|
"modified": "2016-09-01T07:08:45.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://sanluisweb.50webs.com/oi598tv']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fd-e8f4-45f2-979a-4ce6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:45.000Z",
|
|
"modified": "2016-09-01T07:08:45.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'sanluisweb.50webs.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fe-27e8-4504-a3c8-466c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:46.000Z",
|
|
"modified": "2016-09-01T07:08:46.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.101.99']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fe-edb0-4678-b76b-41a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:46.000Z",
|
|
"modified": "2016-09-01T07:08:46.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://alc-okadakogyo.com/d3tcv1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fe-40ec-4d4e-b036-4571950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:46.000Z",
|
|
"modified": "2016-09-01T07:08:46.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'alc-okadakogyo.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fe-bfdc-4e0b-b002-4fab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:46.000Z",
|
|
"modified": "2016-09-01T07:08:46.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.157.28.18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3fe-a580-4dc7-83be-4895950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:46.000Z",
|
|
"modified": "2016-09-01T07:08:46.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.kreso.it/x6oj6v']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ff-8270-462c-9b45-4f7b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:47.000Z",
|
|
"modified": "2016-09-01T07:08:47.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.kreso.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ff-29c4-48ac-9a5b-47e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:47.000Z",
|
|
"modified": "2016-09-01T07:08:47.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://18vek.spb.ru/p3isx']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ff-e12c-4ecd-b0c4-4369950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:47.000Z",
|
|
"modified": "2016-09-01T07:08:47.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = '18vek.spb.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d3ff-650c-4504-91a3-472e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:47.000Z",
|
|
"modified": "2016-09-01T07:08:47.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.148.216.220']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d400-de74-445a-ba4b-4d45950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:48.000Z",
|
|
"modified": "2016-09-01T07:08:48.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.fmpromedia.com/fim8xbh']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d400-6970-4103-802c-4dcf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:48.000Z",
|
|
"modified": "2016-09-01T07:08:48.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.fmpromedia.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d400-ba70-4046-858c-4c86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:48.000Z",
|
|
"modified": "2016-09-01T07:08:48.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://brilli.dialogicnet.it/ceisystems.net/zxp2bczb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d400-fb98-423d-97cc-49b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:48.000Z",
|
|
"modified": "2016-09-01T07:08:48.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'brilli.dialogicnet.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d400-de00-4753-b6a7-44b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:48.000Z",
|
|
"modified": "2016-09-01T07:08:48.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.20.80.5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d401-5b20-435c-a874-435a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:49.000Z",
|
|
"modified": "2016-09-01T07:08:49.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.end-motorsport.de/rjhae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d401-5900-4f96-ad95-4655950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:49.000Z",
|
|
"modified": "2016-09-01T07:08:49.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.end-motorsport.de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d401-6ed4-43b9-97cc-4d4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:49.000Z",
|
|
"modified": "2016-09-01T07:08:49.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.220.144.3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d401-c174-44e8-b828-4697950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:49.000Z",
|
|
"modified": "2016-09-01T07:08:49.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.ieslamerced.es/zhjkqpkc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d401-93ac-49df-8c69-404f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:49.000Z",
|
|
"modified": "2016-09-01T07:08:49.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.ieslamerced.es']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d402-12a4-4aad-b560-4ec4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:50.000Z",
|
|
"modified": "2016-09-01T07:08:50.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.42.230.17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d402-67c0-44df-a947-41f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:50.000Z",
|
|
"modified": "2016-09-01T07:08:50.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.personalshoppingservice.it/pa51ijl']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d402-f4a8-4aaa-8ea9-41ad950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:50.000Z",
|
|
"modified": "2016-09-01T07:08:50.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.personalshoppingservice.it']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d402-6008-49d8-942f-4cf5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:50.000Z",
|
|
"modified": "2016-09-01T07:08:50.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://convenilifecanbe.web.fc2.com/umnm0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d403-8870-46f0-a07c-4bb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:51.000Z",
|
|
"modified": "2016-09-01T07:08:51.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'convenilifecanbe.web.fc2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d403-cfc4-4155-8611-419f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:51.000Z",
|
|
"modified": "2016-09-01T07:08:51.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.71.106.39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d403-5338-4aaf-83a6-4a0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:51.000Z",
|
|
"modified": "2016-09-01T07:08:51.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://76.74.242.140/~nonni416/19o5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d403-8a0c-4a98-b242-4aa4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:51.000Z",
|
|
"modified": "2016-09-01T07:08:51.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.74.242.140']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d403-fdd4-4a88-abf0-4df0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:51.000Z",
|
|
"modified": "2016-09-01T07:08:51.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://finishcar.de/wyl4ps']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d404-c1f0-4eff-9447-469f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:52.000Z",
|
|
"modified": "2016-09-01T07:08:52.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'finishcar.de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d404-0f60-4ce5-a151-4f69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:52.000Z",
|
|
"modified": "2016-09-01T07:08:52.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.31.143.112']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d404-1c94-43c6-bedd-4adc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:52.000Z",
|
|
"modified": "2016-09-01T07:08:52.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://csmwwst.de/eygrg56']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d404-6390-437b-89a1-4436950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:52.000Z",
|
|
"modified": "2016-09-01T07:08:52.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'csmwwst.de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d405-69e8-4110-8cde-459a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:53.000Z",
|
|
"modified": "2016-09-01T07:08:53.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.238.192.102']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d405-e4e8-46a1-bd16-42ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:53.000Z",
|
|
"modified": "2016-09-01T07:08:53.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://www.commentaborderunefille.fr/rwbnm']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d405-f768-49b3-a075-4a7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:53.000Z",
|
|
"modified": "2016-09-01T07:08:53.000Z",
|
|
"description": "download location",
|
|
"pattern": "[domain-name:value = 'www.commentaborderunefille.fr']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d405-0d70-4f2e-a5ca-4907950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:53.000Z",
|
|
"modified": "2016-09-01T07:08:53.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.186.33.4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d405-279c-4369-8b94-4f86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:53.000Z",
|
|
"modified": "2016-09-01T07:08:53.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://alc-okadakogyo.com/c4bl21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d406-9468-49ff-a552-4eb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:54.000Z",
|
|
"modified": "2016-09-01T07:08:54.000Z",
|
|
"description": "download location",
|
|
"pattern": "[url:value = 'http://82.145.39.61/~ianjeffrey/c5esiqs']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57c7d406-6734-4640-8b73-4bb5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-09-01T07:08:54.000Z",
|
|
"modified": "2016-09-01T07:08:54.000Z",
|
|
"description": "download location",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.145.39.61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-09-01T07:08:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |