adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/57fdfd37-72a8-4308-a5e2-4b98950d210f.json

1970 lines
No EOL
80 KiB
JSON
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--57fdfd37-72a8-4308-a5e2-4b98950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T11:53:31.000Z",
"modified": "2016-10-12T11:53:31.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57fdfd37-72a8-4308-a5e2-4b98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T11:53:31.000Z",
"modified": "2016-10-12T11:53:31.000Z",
"name": "Spam 2016-10-12 (mule acquisition) - probably related to Locky resources",
"published": "2016-10-12T13:09:48Z",
"object_refs": [
"indicator--57fdfee2-bd24-4b26-9cc8-418e950d210f",
"indicator--57fdfee3-ce38-4be1-b79c-4b47950d210f",
"indicator--57fdfee3-c1b8-481b-8da3-4df5950d210f",
"indicator--57fdfee4-9ee0-49c1-8fa0-449e950d210f",
"indicator--57fdfee4-5794-40f4-ad85-4250950d210f",
"indicator--57fdfee5-586c-4cd3-8217-4181950d210f",
"indicator--57fdfee6-cc18-46b1-bc8f-465f950d210f",
"indicator--57fdfee6-7890-4c33-a946-40e0950d210f",
"indicator--57fdfee6-e0ec-492f-992e-4234950d210f",
"indicator--57fdfee7-56cc-4ed6-9c4d-49e0950d210f",
"indicator--57fdfee7-2c10-43de-9297-4746950d210f",
"indicator--57fdfee8-b4bc-422f-89c9-4a57950d210f",
"indicator--57fdfee9-8194-456c-b2a4-4ff0950d210f",
"indicator--57fdfee9-1fcc-4ea6-be3a-467f950d210f",
"indicator--57fdfeea-9188-4c1a-ab9f-4643950d210f",
"indicator--57fdfeea-c948-4098-86a3-42ab950d210f",
"indicator--57fdfeeb-c430-4531-9d7b-4399950d210f",
"indicator--57fdfeeb-e074-48dc-b039-4cdf950d210f",
"indicator--57fdfeec-b37c-4b95-96e6-4bd5950d210f",
"indicator--57fdfeec-3950-4412-aaff-4547950d210f",
"indicator--57fdfeed-d1ec-4a6c-9e91-4d14950d210f",
"indicator--57fdfeee-ff34-4019-b5fc-4ce6950d210f",
"indicator--57fdfeee-c4ac-4232-8219-4cd8950d210f",
"indicator--57fdfeef-9df0-4dc9-9add-4db9950d210f",
"indicator--57fdfeef-2e78-4d60-8896-4fb8950d210f",
"indicator--57fdfef0-b488-4659-a95a-445c950d210f",
"indicator--57fdfef1-4ce4-4ca5-92d6-4752950d210f",
"indicator--57fdfef1-8644-4d2f-843a-497a950d210f",
"indicator--57fdfef2-3934-49cf-9d6e-44ff950d210f",
"indicator--57fdfef2-0330-4f18-9075-4d23950d210f",
"indicator--57fdfef3-d350-42e2-96af-4ec0950d210f",
"indicator--57fdfef4-4cbc-4f06-ac69-409e950d210f",
"indicator--57fdfef4-54f0-43de-a665-4859950d210f",
"indicator--57fdfef5-679c-46af-a391-4177950d210f",
"indicator--57fdfef5-c934-45e3-bba4-472f950d210f",
"indicator--57fdfef6-f038-42fc-937b-47dc950d210f",
"indicator--57fdfef7-2044-4a02-bff5-4818950d210f",
"indicator--57fdfef7-f728-489f-a6a4-4bed950d210f",
"indicator--57fdfef8-a558-4388-8810-4f5a950d210f",
"indicator--57fdfef8-24c4-4a2d-8384-4bf1950d210f",
"indicator--57fdfef9-e684-40bd-b826-4f53950d210f",
"indicator--57fdfef9-f648-4b01-8965-4c6a950d210f",
"indicator--57fdfefa-1a0c-4907-9d1d-4969950d210f",
"indicator--57fdfefa-f1f8-4707-978e-40fb950d210f",
"indicator--57fdfefb-d924-4ec8-89dd-411a950d210f",
"indicator--57fdfefc-fde4-4a64-81d8-4673950d210f",
"indicator--57fdfefc-754c-43da-9b92-4e5e950d210f",
"indicator--57fdfefd-0134-40c2-8c36-4250950d210f",
"indicator--57fdfefe-8910-4b93-975d-42eb950d210f",
"indicator--57fdfefe-61c4-4d15-93a2-418e950d210f",
"indicator--57fdfeff-3bd8-446a-ad4c-4e39950d210f",
"indicator--57fdfeff-5ecc-4244-99e8-49b5950d210f",
"indicator--57fdff00-6198-4683-a530-43f3950d210f",
"indicator--57fdff01-4fcc-4161-bfac-46ed950d210f",
"indicator--57fdff01-cac8-42fa-8db0-4adc950d210f",
"indicator--57fdff02-fb84-4c55-9f0b-4b0a950d210f",
"indicator--57fdff02-2070-48d9-a8e3-4616950d210f",
"indicator--57fdff03-6874-43c5-b2f6-4cd9950d210f",
"indicator--57fdff04-afc0-451c-a1ff-44a6950d210f",
"indicator--57fdff04-87c4-4b36-bcae-45da950d210f",
"indicator--57fdff05-1464-4102-b295-4e84950d210f",
"indicator--57fdff05-4af8-47ab-aac3-4671950d210f",
"indicator--57fdff06-1b20-41e7-b193-4acf950d210f",
"indicator--57fdff07-4114-41c7-a6a7-4a00950d210f",
"indicator--57fdff07-537c-47eb-9eca-4482950d210f",
"indicator--57fdff08-4128-4582-a0dd-4f0c950d210f",
"indicator--57fdff09-3b30-4bb1-b4a9-4786950d210f",
"indicator--57fdff09-848c-411d-b4fe-4c42950d210f",
"indicator--57fdff0a-0e6c-4541-abe1-4970950d210f",
"indicator--57fdff0a-4248-4002-a482-4575950d210f",
"indicator--57fdff0b-c250-4173-bf02-4865950d210f",
"indicator--57fdff0b-8df4-4f0d-a8cd-416c950d210f",
"indicator--57fdff0c-3148-473e-963f-473f950d210f",
"indicator--57fdff0d-8a5c-4f9b-bf0b-415c950d210f",
"indicator--57fdff0d-2a14-49a9-aa36-42e8950d210f",
"indicator--57fdff0e-7398-4d4e-8dff-4cc5950d210f",
"indicator--57fe2421-9a8c-4b55-ab95-4229950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee2-bd24-4b26-9cc8-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:10.000Z",
"modified": "2016-10-12T09:14:10.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://7gpj.com/wp-content/plugins/dx-seo-tool/extends/image-att/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee3-ce38-4be1-b79c-4b47950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:11.000Z",
"modified": "2016-10-12T09:14:11.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = '7gpj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee3-c1b8-481b-8da3-4df5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:11.000Z",
"modified": "2016-10-12T09:14:11.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.127.255.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee4-9ee0-49c1-8fa0-449e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:12.000Z",
"modified": "2016-10-12T09:14:12.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://alexnetdev.com/wp-content/themes/twentyfourteen/genericons/font/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee4-5794-40f4-ad85-4250950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:12.000Z",
"modified": "2016-10-12T09:14:12.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'alexnetdev.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee5-586c-4cd3-8217-4181950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:13.000Z",
"modified": "2016-10-12T09:14:13.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '98.220.156.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee6-cc18-46b1-bc8f-465f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:14.000Z",
"modified": "2016-10-12T09:14:14.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://almarest.kz/kblco3/par/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee6-7890-4c33-a946-40e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:14.000Z",
"modified": "2016-10-12T09:14:14.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'almarest.kz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee6-e0ec-492f-992e-4234950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:14.000Z",
"modified": "2016-10-12T09:14:14.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.201.215.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee7-56cc-4ed6-9c4d-49e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:15.000Z",
"modified": "2016-10-12T09:14:15.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://avtomarket21.com/administrator/components/com_jce/views/preferences/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee7-2c10-43de-9297-4746950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:15.000Z",
"modified": "2016-10-12T09:14:15.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'avtomarket21.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee8-b4bc-422f-89c9-4a57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:16.000Z",
"modified": "2016-10-12T09:14:16.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.141.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee9-8194-456c-b2a4-4ff0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:17.000Z",
"modified": "2016-10-12T09:14:17.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://boostsales360.com/wp-includes/js/tinymce/plugins/wordpress/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfee9-1fcc-4ea6-be3a-467f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:17.000Z",
"modified": "2016-10-12T09:14:17.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'boostsales360.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeea-9188-4c1a-ab9f-4643950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:18.000Z",
"modified": "2016-10-12T09:14:18.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.168.203.1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeea-c948-4098-86a3-42ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:18.000Z",
"modified": "2016-10-12T09:14:18.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://cristalinteriordesign.com/wp-content/plugins/jetpack/scss/templates/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeeb-c430-4531-9d7b-4399950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:19.000Z",
"modified": "2016-10-12T09:14:19.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'cristalinteriordesign.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeeb-e074-48dc-b039-4cdf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:19.000Z",
"modified": "2016-10-12T09:14:19.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.62.109.21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeec-b37c-4b95-96e6-4bd5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:20.000Z",
"modified": "2016-10-12T09:14:20.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://d.mspyplus.com/img/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeec-3950-4412-aaff-4547950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:20.000Z",
"modified": "2016-10-12T09:14:20.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'd.mspyplus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeed-d1ec-4a6c-9e91-4d14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:21.000Z",
"modified": "2016-10-12T09:14:21.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.64.75.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeee-ff34-4019-b5fc-4ce6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:22.000Z",
"modified": "2016-10-12T09:14:22.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://dmrburo.com/catalog/view/javascript/jquery/colorpicker/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeee-c4ac-4232-8219-4cd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:22.000Z",
"modified": "2016-10-12T09:14:22.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'dmrburo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeef-9df0-4dc9-9add-4db9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:23.000Z",
"modified": "2016-10-12T09:14:23.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.245.149.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeef-2e78-4d60-8896-4fb8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:23.000Z",
"modified": "2016-10-12T09:14:23.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://e-formulas.com/nouse/include/ckeditor/plugins/about/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef0-b488-4659-a95a-445c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:24.000Z",
"modified": "2016-10-12T09:14:24.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'e-formulas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef1-4ce4-4ca5-92d6-4752950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:25.000Z",
"modified": "2016-10-12T09:14:25.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.89.47.187']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef1-8644-4d2f-843a-497a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:25.000Z",
"modified": "2016-10-12T09:14:25.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://eurosib.net/phone/css/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef2-3934-49cf-9d6e-44ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:26.000Z",
"modified": "2016-10-12T09:14:26.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'eurosib.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef2-0330-4f18-9075-4d23950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:26.000Z",
"modified": "2016-10-12T09:14:26.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.140.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef3-d350-42e2-96af-4ec0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:27.000Z",
"modified": "2016-10-12T09:14:27.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://forum.personyze.com/uploads/monthly_04_2011/Royal Bank of Canada Access ClientSignin/XMPPHP/.svn/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef4-4cbc-4f06-ac69-409e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:28.000Z",
"modified": "2016-10-12T09:14:28.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'forum.personyze.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef4-54f0-43de-a665-4859950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:28.000Z",
"modified": "2016-10-12T09:14:28.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.125.111.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef5-679c-46af-a391-4177950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:29.000Z",
"modified": "2016-10-12T09:14:29.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://goted-help.unionecso.gov.it/wp-includes/js/tinymce/plugins/inlinepopups/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef5-c934-45e3-bba4-472f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:29.000Z",
"modified": "2016-10-12T09:14:29.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'goted-help.unionecso.gov.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef6-f038-42fc-937b-47dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:30.000Z",
"modified": "2016-10-12T09:14:30.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.13.213.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef7-2044-4a02-bff5-4818950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:31.000Z",
"modified": "2016-10-12T09:14:31.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://groovetravelers.com/wp-content/uploads/2016/10/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef7-f728-489f-a6a4-4bed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:31.000Z",
"modified": "2016-10-12T09:14:31.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'groovetravelers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef8-a558-4388-8810-4f5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:32.000Z",
"modified": "2016-10-12T09:14:32.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.27.133.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef8-24c4-4a2d-8384-4bf1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:32.000Z",
"modified": "2016-10-12T09:14:32.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.27.132.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef9-e684-40bd-b826-4f53950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:33.000Z",
"modified": "2016-10-12T09:14:33.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://hibatoallahschool.com/wp-content/uploads/2016/02/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfef9-f648-4b01-8965-4c6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:33.000Z",
"modified": "2016-10-12T09:14:33.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'hibatoallahschool.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefa-1a0c-4907-9d1d-4969950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:34.000Z",
"modified": "2016-10-12T09:14:34.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '205.144.171.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefa-f1f8-4707-978e-40fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:34.000Z",
"modified": "2016-10-12T09:14:34.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://hit45hk.com/wp-content/uploads/revslider/templates/websitebuilder-clients/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefb-d924-4ec8-89dd-411a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:35.000Z",
"modified": "2016-10-12T09:14:35.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'hit45hk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefc-fde4-4a64-81d8-4673950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:36.000Z",
"modified": "2016-10-12T09:14:36.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.59.253.44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefc-754c-43da-9b92-4e5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:36.000Z",
"modified": "2016-10-12T09:14:36.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://hivein.com.br/wp-includes/js/tinymce/plugins/textcolor/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefd-0134-40c2-8c36-4250950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:37.000Z",
"modified": "2016-10-12T09:14:37.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'hivein.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefe-8910-4b93-975d-42eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:38.000Z",
"modified": "2016-10-12T09:14:38.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.202.127.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfefe-61c4-4d15-93a2-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:38.000Z",
"modified": "2016-10-12T09:14:38.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://housepedia.net/wp-includes/js/tinymce/plugins/colorpicker/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeff-3bd8-446a-ad4c-4e39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:39.000Z",
"modified": "2016-10-12T09:14:39.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'housepedia.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdfeff-5ecc-4244-99e8-49b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:39.000Z",
"modified": "2016-10-12T09:14:39.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.199.55.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff00-6198-4683-a530-43f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:40.000Z",
"modified": "2016-10-12T09:14:40.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://informatike.it/wp-includes/js/tinymce/plugins/wpembed/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff01-4fcc-4161-bfac-46ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:41.000Z",
"modified": "2016-10-12T09:14:41.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'informatike.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff01-cac8-42fa-8db0-4adc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:41.000Z",
"modified": "2016-10-12T09:14:41.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.48.103.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff02-fb84-4c55-9f0b-4b0a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:42.000Z",
"modified": "2016-10-12T09:14:42.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://kiwitemplates.com/administrator/components/com_xmap/helpers/html/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff02-2070-48d9-a8e3-4616950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:42.000Z",
"modified": "2016-10-12T09:14:42.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'kiwitemplates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff03-6874-43c5-b2f6-4cd9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:43.000Z",
"modified": "2016-10-12T09:14:43.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.141.143']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff04-afc0-451c-a1ff-44a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:44.000Z",
"modified": "2016-10-12T09:14:44.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://mpbrc.cnr.it/administrator/components/bring/par/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff04-87c4-4b36-bcae-45da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:44.000Z",
"modified": "2016-10-12T09:14:44.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'mpbrc.cnr.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff05-1464-4102-b295-4e84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:45.000Z",
"modified": "2016-10-12T09:14:45.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '150.146.204.90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff05-4af8-47ab-aac3-4671950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:45.000Z",
"modified": "2016-10-12T09:14:45.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://phongvehoanggia.net/plugins/editors/jckeditor/install/models/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff06-1b20-41e7-b193-4acf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:46.000Z",
"modified": "2016-10-12T09:14:46.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'phongvehoanggia.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff07-4114-41c7-a6a7-4a00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:47.000Z",
"modified": "2016-10-12T09:14:47.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '222.255.239.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff07-537c-47eb-9eca-4482950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:47.000Z",
"modified": "2016-10-12T09:14:47.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://suahdd.com/components/com_content/views/article/tmpl/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff08-4128-4582-a0dd-4f0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:48.000Z",
"modified": "2016-10-12T09:14:48.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'suahdd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff09-3b30-4bb1-b4a9-4786950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:49.000Z",
"modified": "2016-10-12T09:14:49.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.254.12.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff09-848c-411d-b4fe-4c42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:49.000Z",
"modified": "2016-10-12T09:14:49.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://tvsanok.pl/administrator/components/com_imageshow/models/forms/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0a-0e6c-4541-abe1-4970950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:50.000Z",
"modified": "2016-10-12T09:14:50.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'tvsanok.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0a-4248-4002-a482-4575950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:50.000Z",
"modified": "2016-10-12T09:14:50.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.33.210.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0b-c250-4173-bf02-4865950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:51.000Z",
"modified": "2016-10-12T09:14:51.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://www.guyaneetpetrole.fr/administrator/cache/_system/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0b-8df4-4f0d-a8cd-416c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:51.000Z",
"modified": "2016-10-12T09:14:51.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'www.guyaneetpetrole.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0c-3148-473e-963f-473f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:52.000Z",
"modified": "2016-10-12T09:14:52.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.99.4.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0d-8a5c-4f9b-bf0b-415c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:53.000Z",
"modified": "2016-10-12T09:14:53.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://www.peopleace.com/js/zithromax/sessions/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0d-2a14-49a9-aa36-42e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:53.000Z",
"modified": "2016-10-12T09:14:53.000Z",
"description": "compromised location",
"pattern": "[domain-name:value = 'www.peopleace.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fdff0e-7398-4d4e-8dff-4cc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T09:14:54.000Z",
"modified": "2016-10-12T09:14:54.000Z",
"description": "compromised location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.33.12.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T09:14:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fe2421-9a8c-4b55-ab95-4229950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-10-12T11:53:31.000Z",
"modified": "2016-10-12T11:53:31.000Z",
"description": "compromised location",
"pattern": "[url:value = 'http://forum.personyze.com/uploads/monthly_04_2011/Royal\\\\%20Bank\\\\%20of\\\\%20Canada\\\\%20Access\\\\%20ClientSignin/XMPPHP/.svn/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-10-12T11:53:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink