adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/592c3d78-98c8-4d15-bf25-4522950d210f.json

7655 lines
No EOL
309 KiB
JSON
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--592c3d78-98c8-4d15-bf25-4522950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:30:00.000Z",
"modified": "2017-05-29T15:30:00.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--592c3d78-98c8-4d15-bf25-4522950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:30:00.000Z",
"modified": "2017-05-29T15:30:00.000Z",
"name": "M2M - Fwd: Servers associated with port 23 scanning activity",
"context": "suspicious-activity",
"object_refs": [
"indicator--592c3d78-1b68-46bc-9b07-41c8950d210f",
"indicator--592c3d79-2e40-4a52-b0ca-4e57950d210f",
"indicator--592c3d79-1870-40fa-b85b-40b9950d210f",
"indicator--592c3d7a-5cbc-4f1f-9b22-4427950d210f",
"indicator--592c3d7b-f820-465c-b474-4885950d210f",
"indicator--592c3d7b-0f70-45ba-9a68-45ab950d210f",
"indicator--592c3d7c-164c-4af1-92fb-4d93950d210f",
"indicator--592c3d7d-a36c-446a-8a5c-48b4950d210f",
"indicator--592c3d7d-0d70-41ff-90ce-435b950d210f",
"indicator--592c3d7e-93e0-429c-ac1f-4ac4950d210f",
"indicator--592c3d7f-14a8-4063-acaa-4e40950d210f",
"indicator--592c3d7f-f5f8-48b6-b7e7-4155950d210f",
"indicator--592c3d81-7948-4b19-a0ab-4ab1950d210f",
"indicator--592c3d81-173c-4fb3-8ef3-4e1c950d210f",
"indicator--592c3d82-9844-4939-b231-404d950d210f",
"indicator--592c3d83-c6c0-4287-ae0a-4bde950d210f",
"indicator--592c3d83-a3fc-4394-a656-497f950d210f",
"indicator--592c3d84-9990-4d09-a8e9-422e950d210f",
"indicator--592c3d85-f074-4e11-be03-4949950d210f",
"indicator--592c3d85-9f08-46ac-ab95-c158950d210f",
"indicator--592c3d86-6b88-4168-a63b-4bab950d210f",
"indicator--592c3d87-42e8-462f-86f6-4851950d210f",
"indicator--592c3d87-866c-453b-a0d9-476f950d210f",
"indicator--592c3d88-8498-44d1-9719-4131950d210f",
"indicator--592c3d89-2408-467f-98b1-4c4d950d210f",
"indicator--592c3d89-1074-457a-bc0e-4d9a950d210f",
"indicator--592c3d8b-05f0-4f3d-98e3-4af8950d210f",
"indicator--592c3d8d-7380-48ee-b5b0-4435950d210f",
"indicator--592c3d8d-9138-4bfd-ab08-40ab950d210f",
"indicator--592c3d8e-a338-4466-8b72-4da3950d210f",
"indicator--592c3d8f-3554-4444-898f-4823950d210f",
"indicator--592c3d8f-c4ec-454f-98d1-473f950d210f",
"indicator--592c3d90-f060-42ea-a5ef-4f9e950d210f",
"indicator--592c3d91-2d44-47af-b0f4-4715950d210f",
"indicator--592c3d91-0b28-4c92-9768-43d1950d210f",
"indicator--592c3d92-05ec-4be2-ba67-437f950d210f",
"indicator--592c3d93-d664-45d6-88d2-41d4950d210f",
"indicator--592c3d93-4cb4-4570-aba2-4e6b950d210f",
"indicator--592c3d95-90ec-4064-949a-4c90950d210f",
"indicator--592c3d95-4b80-4ddf-b679-445b950d210f",
"indicator--592c3d96-2b4c-407c-9311-c158950d210f",
"indicator--592c3d97-6e78-49e7-bbc8-4acb950d210f",
"indicator--592c3d97-e8e4-4d51-a904-4287950d210f",
"indicator--592c3d98-ea34-4efe-b24a-4854950d210f",
"indicator--592c3d99-4d68-4d1e-9091-4c87950d210f",
"indicator--592c3d99-bfe0-423c-b241-4857950d210f",
"indicator--592c3d9a-dfbc-48b5-99dd-477e950d210f",
"indicator--592c3d9b-3578-4566-ad68-4d7a950d210f",
"indicator--592c3d9b-af08-479a-866f-4a0a950d210f",
"indicator--592c3d9c-b4c0-4117-a4d0-4aeb950d210f",
"indicator--592c3d9d-f810-4f74-b895-c158950d210f",
"indicator--592c3d9d-2948-4ee8-b36b-44e9950d210f",
"indicator--592c3d9e-f4ec-40aa-ac2f-47a5950d210f",
"indicator--592c3d9f-1aa8-4e18-80c4-4a7a950d210f",
"indicator--592c3da0-3668-430a-a5d9-436f950d210f",
"indicator--592c3da2-0690-4ba6-9997-45ea950d210f",
"indicator--592c3da2-4940-41db-9fcb-4b93950d210f",
"indicator--592c3da3-1f68-4c93-a5ba-c158950d210f",
"indicator--592c3da4-d954-4f93-8746-4272950d210f",
"indicator--592c3da5-bddc-41c9-b1df-45c6950d210f",
"indicator--592c3da5-7794-4723-8e96-458f950d210f",
"indicator--592c3da6-975c-4b0b-8776-4c2a950d210f",
"indicator--592c3da7-9700-4bb1-bfe8-492c950d210f",
"indicator--592c3da7-ed78-476e-9260-4366950d210f",
"indicator--592c3da8-f880-4789-bc02-4e4c950d210f",
"indicator--592c3da9-3b78-4a0b-b840-4ba2950d210f",
"indicator--592c3daa-91e0-4d86-bfe9-4b8e950d210f",
"indicator--592c3daa-3384-46fa-a04d-c158950d210f",
"indicator--592c3dab-3808-48f4-9e34-41a3950d210f",
"indicator--592c3dac-3d6c-41a5-a72e-41c5950d210f",
"indicator--592c3dac-6f9c-4ebe-b184-4bf4950d210f",
"indicator--592c3dad-e678-4885-81a8-4630950d210f",
"indicator--592c3dae-2ae8-418c-8775-46d9950d210f",
"indicator--592c3dae-3478-4295-a905-4757950d210f",
"indicator--592c3daf-6348-4c9a-b51f-4be6950d210f",
"indicator--592c3db0-6ae4-49a0-a2e6-4333950d210f",
"indicator--592c3db0-afcc-408f-aaab-4c35950d210f",
"indicator--592c3db1-cddc-46af-94a6-447c950d210f",
"indicator--592c3db2-5960-4062-865e-4a52950d210f",
"indicator--592c3db3-8710-4515-a2c0-479f950d210f",
"indicator--592c3db4-bc00-431f-bb51-449a950d210f",
"indicator--592c3db4-52a8-43bb-aa21-c158950d210f",
"indicator--592c3db5-f01c-4a99-af20-4898950d210f",
"indicator--592c3db6-272c-4c19-a5c2-4936950d210f",
"indicator--592c3db6-a6f0-46c1-8f7c-4ab2950d210f",
"indicator--592c3db7-1560-4a6f-aa43-48cc950d210f",
"indicator--592c3db8-5430-4ec6-9500-4fca950d210f",
"indicator--592c3db8-f794-4d1d-87c0-4025950d210f",
"indicator--592c3db9-f8a0-47ca-b57a-4b4d950d210f",
"indicator--592c3dba-7724-4274-afca-4ba5950d210f",
"indicator--592c3dbb-fce4-444c-aff3-418e950d210f",
"indicator--592c3dbb-f684-4bd5-8e86-42b7950d210f",
"indicator--592c3dbc-f16c-4247-ac79-4fe9950d210f",
"indicator--592c3dbd-f408-42c8-a711-403c950d210f",
"indicator--592c3dbe-c568-4239-ba4a-459a950d210f",
"indicator--592c3dbf-8b3c-4c93-8fb0-4d0c950d210f",
"indicator--592c3dbf-6f68-4b9e-b72e-4790950d210f",
"indicator--592c3dc0-858c-4f88-a9ff-4a06950d210f",
"indicator--592c3dc1-6df8-438d-b52f-42f9950d210f",
"indicator--592c3dc1-64cc-4940-a4fa-44f0950d210f",
"indicator--592c3dc2-2fa8-4029-982c-46e2950d210f",
"indicator--592c3dc3-6d18-4cb5-90dd-40b6950d210f",
"indicator--592c3dc3-9ccc-4bff-8783-4ae6950d210f",
"indicator--592c3dc4-43b4-4b60-aacd-4fcc950d210f",
"indicator--592c3dc5-a980-47b7-a678-4d7f950d210f",
"indicator--592c3dc5-fb0c-4e44-9e71-4124950d210f",
"indicator--592c3dc6-2428-4fdd-a3d6-4767950d210f",
"indicator--592c3dc7-7850-493a-9222-413a950d210f",
"indicator--592c3dc8-5844-4d85-ac03-408b950d210f",
"indicator--592c3dc9-1b78-4430-969d-406a950d210f",
"indicator--592c3dc9-855c-4526-936e-4c3f950d210f",
"indicator--592c3dca-9138-43bb-823c-4ec4950d210f",
"indicator--592c3dcb-c4b4-4e25-9342-4604950d210f",
"indicator--592c3dcb-f0d0-4439-b208-41f4950d210f",
"indicator--592c3dcc-4204-4173-86f7-411f950d210f",
"indicator--592c3dcd-f91c-408f-8100-c158950d210f",
"indicator--592c3dcd-112c-4dd8-ae22-4ef3950d210f",
"indicator--592c3dce-87f8-4699-8fba-4cc2950d210f",
"indicator--592c3dcf-0944-49df-82fc-42d3950d210f",
"indicator--592c3dcf-6458-42b4-be7c-433e950d210f",
"indicator--592c3dd0-50e0-48b9-8694-4c01950d210f",
"indicator--592c3dd1-8874-49ea-a390-4e01950d210f",
"indicator--592c3dd2-be1c-4c68-aef1-462e950d210f",
"indicator--592c3dd2-588c-44ee-b685-4c6a950d210f",
"indicator--592c3dd4-c734-44a0-b4f5-4800950d210f",
"indicator--592c3dd5-f060-4ac1-a41b-4f55950d210f",
"indicator--592c3dd5-6bd0-4553-9f48-467d950d210f",
"indicator--592c3dd6-e32c-44e9-b482-447c950d210f",
"indicator--592c3dd7-9138-497b-ba65-42e5950d210f",
"indicator--592c3dd8-45a4-49b8-9640-4be9950d210f",
"indicator--592c3dd8-3b10-48c8-b62e-4e8c950d210f",
"indicator--592c3dd9-3370-45c3-bcbf-4bbc950d210f",
"indicator--592c3dda-c71c-47b5-8b50-483b950d210f",
"indicator--592c3ddb-3144-49f4-ad29-4149950d210f",
"indicator--592c3ddc-d96c-4dff-ad1f-4b8f950d210f",
"indicator--592c3ddd-ca34-4f8d-914e-4710950d210f",
"indicator--592c3ddd-3414-4fc7-a49b-41ae950d210f",
"indicator--592c3dde-631c-471d-bbe7-47fa950d210f",
"indicator--592c3ddf-0e74-4039-b4f3-4935950d210f",
"indicator--592c3ddf-5348-4bfc-9a4c-435b950d210f",
"indicator--592c3de0-9348-47a3-af7a-c158950d210f",
"indicator--592c3de1-a8a8-41d7-adc5-44b2950d210f",
"indicator--592c3de1-0824-4c59-814b-4560950d210f",
"indicator--592c3de2-4d50-4800-80a2-40cb950d210f",
"indicator--592c3de3-bb7c-452c-8496-4304950d210f",
"indicator--592c3de4-9528-48dd-89fc-4bef950d210f",
"indicator--592c3de5-c6d4-442f-9784-467e950d210f",
"indicator--592c3de5-49c0-4452-b666-49c7950d210f",
"indicator--592c3de6-af88-4bfe-8e6d-42cd950d210f",
"indicator--592c3de7-9378-486b-a4ee-498d950d210f",
"indicator--592c3de7-37c8-443f-b96e-4c31950d210f",
"indicator--592c3de8-8a70-44ef-b424-481f950d210f",
"indicator--592c3de9-2ae8-4fe4-99ab-436b950d210f",
"indicator--592c3dea-592c-4fa8-baa2-4cbb950d210f",
"indicator--592c3dea-bbb4-40bf-a730-408b950d210f",
"observed-data--592c3deb-be04-4396-93c8-4989950d210f",
"network-traffic--592c3deb-be04-4396-93c8-4989950d210f",
"ipv4-addr--592c3deb-be04-4396-93c8-4989950d210f",
"indicator--592c3dec-e418-4d2a-9877-4c6f950d210f",
"observed-data--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"network-traffic--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"ipv4-addr--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"indicator--592c3ded-44e8-4e3f-8514-c158950d210f",
"observed-data--592c3dee-34cc-4771-8939-4d50950d210f",
"network-traffic--592c3dee-34cc-4771-8939-4d50950d210f",
"ipv4-addr--592c3dee-34cc-4771-8939-4d50950d210f",
"indicator--592c3def-0a8c-4879-9d5e-418e950d210f",
"indicator--592c3df0-63c8-4b80-8c18-4133950d210f",
"indicator--592c3df1-8c44-4460-b44f-4918950d210f",
"indicator--592c3df2-5e74-42db-a10f-4541950d210f",
"indicator--592c3df3-b31c-4422-a3fc-4df5950d210f",
"indicator--592c3df4-7a74-4bb1-9340-c158950d210f",
"indicator--592c3df5-c3ec-4093-8a9f-49d1950d210f",
"indicator--592c3df6-f770-49ac-9612-4222950d210f",
"observed-data--592c3df7-2860-4e35-ac4d-4a43950d210f",
"network-traffic--592c3df7-2860-4e35-ac4d-4a43950d210f",
"ipv4-addr--592c3df7-2860-4e35-ac4d-4a43950d210f",
"indicator--592c3df8-3e50-4a4d-a435-44c2950d210f",
"observed-data--592c3df9-c274-42dc-9384-4f0f950d210f",
"network-traffic--592c3df9-c274-42dc-9384-4f0f950d210f",
"ipv4-addr--592c3df9-c274-42dc-9384-4f0f950d210f",
"indicator--592c3dfa-8eec-4e9f-92f7-48ba950d210f",
"indicator--592c3dfb-3088-4bba-bade-4c4d950d210f",
"observed-data--592c3dfc-9298-4e03-82c4-4b71950d210f",
"network-traffic--592c3dfc-9298-4e03-82c4-4b71950d210f",
"ipv4-addr--592c3dfc-9298-4e03-82c4-4b71950d210f",
"indicator--592c3dfd-d640-422e-9ac5-c158950d210f",
"indicator--592c3dfd-5edc-4b4e-bbd2-48b9950d210f",
"indicator--592c3dfe-aed8-4743-9f78-4499950d210f",
"observed-data--592c3dff-0d14-4735-9009-422e950d210f",
"network-traffic--592c3dff-0d14-4735-9009-422e950d210f",
"ipv4-addr--592c3dff-0d14-4735-9009-422e950d210f",
"indicator--592c3e00-ea40-4afb-8c5a-48d4950d210f",
"indicator--592c3e00-5990-4a55-9b8d-4fd4950d210f",
"indicator--592c3e01-22b4-4669-af7e-48ff950d210f",
"observed-data--592c3e02-1668-42bd-b79b-4e57950d210f",
"network-traffic--592c3e02-1668-42bd-b79b-4e57950d210f",
"ipv4-addr--592c3e02-1668-42bd-b79b-4e57950d210f",
"indicator--592c3e03-fdc8-4850-9d3a-4c5a950d210f",
"indicator--592c3e04-89ac-43a6-86f6-4733950d210f",
"indicator--592c3e04-e204-4f2c-8db8-42a0950d210f",
"indicator--592c3e05-35e0-4de4-ba78-4743950d210f",
"indicator--592c3e06-25c0-4b99-9b7a-4aa6950d210f",
"observed-data--592c3e07-6610-45b4-a3ea-4a34950d210f",
"network-traffic--592c3e07-6610-45b4-a3ea-4a34950d210f",
"ipv4-addr--592c3e07-6610-45b4-a3ea-4a34950d210f",
"indicator--592c3e07-dd5c-4356-962c-43e7950d210f",
"observed-data--592c3e08-1808-4fbd-8b18-457c950d210f",
"network-traffic--592c3e08-1808-4fbd-8b18-457c950d210f",
"ipv4-addr--592c3e08-1808-4fbd-8b18-457c950d210f",
"indicator--592c3e09-0ab0-4ca0-b769-4eea950d210f",
"indicator--592c3e09-64a8-4e9c-a655-c158950d210f",
"observed-data--592c3e0a-3584-48c9-b074-4418950d210f",
"network-traffic--592c3e0a-3584-48c9-b074-4418950d210f",
"ipv4-addr--592c3e0a-3584-48c9-b074-4418950d210f",
"indicator--592c3e0b-d86c-4292-8a7a-4345950d210f",
"observed-data--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"network-traffic--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"ipv4-addr--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"indicator--592c3e0e-fa48-4113-aac3-4410950d210f",
"indicator--592c3e0e-a4f8-4789-9d54-46ec950d210f",
"observed-data--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"network-traffic--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"ipv4-addr--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"indicator--592c3e10-3ef8-4c25-b91d-4bf3950d210f",
"observed-data--592c3e10-4cac-4204-9988-435b950d210f",
"network-traffic--592c3e10-4cac-4204-9988-435b950d210f",
"ipv4-addr--592c3e10-4cac-4204-9988-435b950d210f",
"indicator--592c3e11-a61c-40d0-b7ca-4d80950d210f",
"observed-data--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"network-traffic--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"ipv4-addr--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"indicator--592c3e13-fa20-472b-88a0-44ae950d210f",
"indicator--592c3e13-11bc-49d5-aa04-4b31950d210f",
"observed-data--592c3e14-b090-410a-a55b-47b1950d210f",
"network-traffic--592c3e14-b090-410a-a55b-47b1950d210f",
"ipv4-addr--592c3e14-b090-410a-a55b-47b1950d210f",
"indicator--592c3e15-31ec-42d2-b3c5-4ef3950d210f",
"observed-data--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"network-traffic--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"ipv4-addr--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"indicator--592c3e16-8844-4079-a51b-4d86950d210f",
"observed-data--592c3e17-2fdc-457f-b779-4e77950d210f",
"network-traffic--592c3e17-2fdc-457f-b779-4e77950d210f",
"ipv4-addr--592c3e17-2fdc-457f-b779-4e77950d210f",
"indicator--592c3e18-8a90-44fb-aaa7-48dc950d210f",
"indicator--592c3e1a-8e50-4c4a-bc66-4927950d210f",
"observed-data--592c3e1a-d84c-4d87-9061-c158950d210f",
"network-traffic--592c3e1a-d84c-4d87-9061-c158950d210f",
"ipv4-addr--592c3e1a-d84c-4d87-9061-c158950d210f",
"indicator--592c3e1b-4470-4a30-83bb-41e0950d210f",
"indicator--592c3e1d-b620-4af5-91a6-4330950d210f",
"observed-data--592c3e1e-3118-4cae-8919-4c76950d210f",
"network-traffic--592c3e1e-3118-4cae-8919-4c76950d210f",
"ipv4-addr--592c3e1e-3118-4cae-8919-4c76950d210f",
"indicator--592c3e1f-8284-4182-83e6-4994950d210f",
"indicator--592c3e20-f4c8-441e-94ba-48fc950d210f",
"observed-data--592c3e21-8200-4abd-95be-466f950d210f",
"network-traffic--592c3e21-8200-4abd-95be-466f950d210f",
"ipv4-addr--592c3e21-8200-4abd-95be-466f950d210f",
"indicator--592c3e22-b520-47bc-9f36-4a34950d210f",
"indicator--592c3e22-5a6c-4e9c-bde9-40c6950d210f",
"observed-data--592c3e23-de48-4d7b-bd00-c158950d210f",
"network-traffic--592c3e23-de48-4d7b-bd00-c158950d210f",
"ipv4-addr--592c3e23-de48-4d7b-bd00-c158950d210f",
"indicator--592c3e24-3c48-43bc-b158-4c18950d210f",
"indicator--592c3e25-2864-42c2-ae94-4c07950d210f",
"indicator--592c3e25-22cc-495f-85b6-40d4950d210f",
"indicator--592c3e26-3d40-41c7-bf44-46a1950d210f",
"indicator--592c3e27-a330-4f13-a5d1-4236950d210f",
"indicator--592c3e28-e9f0-4a80-8b34-4149950d210f",
"observed-data--592c3e28-fdc0-406f-9d58-42df950d210f",
"network-traffic--592c3e28-fdc0-406f-9d58-42df950d210f",
"ipv4-addr--592c3e28-fdc0-406f-9d58-42df950d210f",
"indicator--592c3e29-b61c-4e93-abe3-487f950d210f",
"indicator--592c3e2a-1d24-4e11-a1aa-46b5950d210f",
"indicator--592c3e2b-a9c8-4eb8-82e6-47ad950d210f",
"indicator--592c3e2b-668c-4cd0-aa6d-43db950d210f",
"indicator--592c3e2c-29e4-4a40-bc51-4150950d210f",
"observed-data--592c3e2d-7388-4f89-912e-497e950d210f",
"network-traffic--592c3e2d-7388-4f89-912e-497e950d210f",
"ipv4-addr--592c3e2d-7388-4f89-912e-497e950d210f",
"indicator--592c3e2d-b94c-4d1a-83fb-461c950d210f",
"observed-data--592c3e2e-2154-4b8a-b026-4057950d210f",
"network-traffic--592c3e2e-2154-4b8a-b026-4057950d210f",
"ipv4-addr--592c3e2e-2154-4b8a-b026-4057950d210f",
"indicator--592c3e2f-3c5c-4510-9cb9-4b0d950d210f",
"indicator--592c3e30-0454-41ca-a7e5-c158950d210f",
"indicator--592c3e31-50a0-4eac-9812-42e0950d210f",
"indicator--592c3e32-8b98-4de3-b747-4569950d210f",
"indicator--592c3e33-fb54-40ba-9e61-4d0e950d210f",
"indicator--592c3e34-b678-4ad8-87b5-41c4950d210f",
"indicator--592c3e35-0cdc-4e1b-8458-4720950d210f",
"indicator--592c3e36-9d00-474a-9827-4a80950d210f",
"indicator--592c3e37-51e4-4519-88d6-4db0950d210f",
"indicator--592c3e38-2368-49b0-8c7f-4e25950d210f",
"indicator--592c3e39-ba0c-48c9-9e02-41af950d210f",
"indicator--592c3e3a-e814-4f2d-bb1a-c158950d210f",
"indicator--592c3e3b-12ac-4de1-b299-4713950d210f",
"indicator--592c3e3c-b5f8-4fb5-87f6-4439950d210f",
"indicator--592c3e3d-47cc-4cce-96d7-474b950d210f",
"indicator--592c3e3e-8a08-4e9d-98a9-4bab950d210f",
"indicator--592c3e41-eebc-496b-8358-4f00950d210f",
"indicator--592c3e42-8e00-404f-a6f3-c158950d210f",
"indicator--592c3e43-084c-494f-929b-468c950d210f",
"indicator--592c3e43-837c-44a9-942d-4327950d210f",
"indicator--592c3e45-bdb4-429c-9637-4ed6950d210f",
"indicator--592c3e46-b244-474c-b41e-462c950d210f",
"indicator--592c3e47-a0bc-4c3f-b49b-48e5950d210f",
"indicator--592c3e48-547c-451e-b6c6-4d74950d210f",
"indicator--592c3e49-4b70-4217-b581-4de3950d210f",
"indicator--592c3e4a-3524-4afa-aaa1-407e950d210f",
"indicator--592c3e4b-eb44-4525-96dd-45e6950d210f",
"indicator--592c3e4c-abec-4aff-b60e-48c5950d210f",
"observed-data--592c3e4c-97f4-4f99-8323-c158950d210f",
"network-traffic--592c3e4c-97f4-4f99-8323-c158950d210f",
"ipv4-addr--592c3e4c-97f4-4f99-8323-c158950d210f",
"indicator--592c3e4d-7148-4304-bda7-4ff7950d210f",
"indicator--592c3e4e-f468-4d31-9e55-47ae950d210f",
"indicator--592c3e56-ae7c-4cb8-b7d8-4d1d950d210f",
"indicator--592c3e56-e90c-4310-a77e-4d88950d210f",
"indicator--592c3e58-bd50-4f21-a3db-42f5950d210f",
"indicator--592c3e59-5294-45c8-9bed-47da950d210f",
"indicator--592c3e5a-f6d0-4046-a4ca-427b950d210f",
"indicator--592c3e5b-7874-441e-8199-4b14950d210f",
"indicator--592c3e5b-c8a8-4ba4-82d9-45ef950d210f",
"indicator--592c3e5c-e61c-4099-9769-4cc3950d210f",
"indicator--592c3e5d-0328-40c2-b8dc-495e950d210f",
"indicator--592c3e5e-f744-4665-a304-c158950d210f",
"indicator--592c3e61-09fc-494c-9c0a-4c0a950d210f",
"indicator--592c3e62-de74-41cf-9be1-4c37950d210f",
"indicator--592c3e63-d5d4-470f-968b-4b59950d210f",
"indicator--592c3e64-e62c-41ac-ac43-4d55950d210f",
"indicator--592c3e65-ebb8-4775-8dba-4e8d950d210f",
"indicator--592c3e66-da1c-47a8-ad3b-4b09950d210f",
"indicator--592c3e67-3934-4ed9-adc5-49aa950d210f",
"indicator--592c3e68-6ba0-4e5d-b522-4549950d210f",
"indicator--592c3e68-e750-4cc9-847b-4b5b950d210f",
"indicator--592c3e69-22f8-42b5-b922-4cf1950d210f",
"indicator--592c3e6a-f618-4148-89bc-4ba3950d210f",
"indicator--592c3e6b-9b6c-42b6-8633-436f950d210f",
"indicator--592c3e6d-08d0-4d46-813e-42a8950d210f",
"indicator--592c3e6d-7550-43ce-90e5-44bc950d210f",
"indicator--592c3e6e-4700-4af5-918c-42e7950d210f",
"indicator--592c3e6f-aa24-4e52-912c-458d950d210f",
"indicator--592c3e70-e6a0-4f2c-8475-4935950d210f",
"indicator--592c3e71-53b0-413a-b2fa-4cb1950d210f",
"indicator--592c3e72-8edc-4380-bdab-492b950d210f",
"indicator--592c3e72-4e88-4773-ac0b-4e68950d210f",
"indicator--592c3e73-a174-46eb-9db0-4ff8950d210f",
"indicator--592c3e74-dc40-454a-8802-4f72950d210f",
"indicator--592c3e75-c1a4-4592-b6d5-4967950d210f",
"indicator--592c3e76-dd20-43e1-9ec4-4c61950d210f",
"indicator--592c3e77-8d60-4f56-abf7-4721950d210f",
"indicator--592c3e78-4d1c-4937-ba3a-4764950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d78-1b68-46bc-9b07-41c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:44.000Z",
"modified": "2017-05-29T15:25:44.000Z",
"pattern": "[file:hashes.SHA256 = '26bbb22b0f1971c73356ca6aa520fb4a94b347d28a95cdb3d953932542671c74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d79-2e40-4a52-b0ca-4e57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:45.000Z",
"modified": "2017-05-29T15:25:45.000Z",
"pattern": "[file:hashes.SHA256 = 'eef76a87551793021d9b53474463810b33b916b85111fb5189ef033129420c2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d79-1870-40fa-b85b-40b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:45.000Z",
"modified": "2017-05-29T15:25:45.000Z",
"pattern": "[file:hashes.SHA256 = 'd55d7e5825d6f01847134f8193c82368dbac549a5aeb4ebe304b5146e252221c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7a-5cbc-4f1f-9b22-4427950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:46.000Z",
"modified": "2017-05-29T15:25:46.000Z",
"pattern": "[file:hashes.SHA256 = '974e714732fb6c14aebda6a54a3d51aff3ee5be93039dfe01884f0ffabf9c744']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7b-f820-465c-b474-4885950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:47.000Z",
"modified": "2017-05-29T15:25:47.000Z",
"pattern": "[file:hashes.SHA256 = 'c4a05371f3c7ed26c35984e827e6196561876238b4b72cbe9cc570a40d6cf07a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7b-0f70-45ba-9a68-45ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:47.000Z",
"modified": "2017-05-29T15:25:47.000Z",
"pattern": "[file:hashes.SHA256 = 'cc4811a394281c5c1cb26a558ef6ef0c8892fbf197e32b74b97081b47e19c65b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7c-164c-4af1-92fb-4d93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:48.000Z",
"modified": "2017-05-29T15:25:48.000Z",
"pattern": "[file:hashes.SHA256 = 'f949fde7926088538139272d8552bc52312a02a409306d46267938446fb297a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7d-a36c-446a-8a5c-48b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:49.000Z",
"modified": "2017-05-29T15:25:49.000Z",
"pattern": "[file:hashes.SHA256 = 'cbf674544b0671cd82c5278a49d88bd57dc03952c7f93b9ec784eafadc383f5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7d-0d70-41ff-90ce-435b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:49.000Z",
"modified": "2017-05-29T15:25:49.000Z",
"pattern": "[file:hashes.SHA256 = '87fb654474f028ac759a34e51564e9463abc6908dbaf2b059bd9b465d3f01310']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7e-93e0-429c-ac1f-4ac4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:50.000Z",
"modified": "2017-05-29T15:25:50.000Z",
"pattern": "[file:hashes.SHA256 = '53df875b6445b81f33aa64f0016bfa9a36ae8970649a3ea4d6cb76a0c6ccb242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7f-14a8-4063-acaa-4e40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:51.000Z",
"modified": "2017-05-29T15:25:51.000Z",
"pattern": "[file:hashes.SHA256 = 'e066845032c162ed7a26cb08d306053a77145085a4be05b9205f75b053e0e7d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d7f-f5f8-48b6-b7e7-4155950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:51.000Z",
"modified": "2017-05-29T15:25:51.000Z",
"pattern": "[file:hashes.SHA256 = 'b4f796937f14d20be8c9feafce6505e68c3e813d5c369cf5e45e09ed186b5446']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d81-7948-4b19-a0ab-4ab1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:53.000Z",
"modified": "2017-05-29T15:25:53.000Z",
"pattern": "[file:hashes.SHA256 = 'd322b30fe2d6f933db526bc643ad7fe01ee87d1d1f593ec711a7a116cf757587']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d81-173c-4fb3-8ef3-4e1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:53.000Z",
"modified": "2017-05-29T15:25:53.000Z",
"pattern": "[file:hashes.SHA256 = '7a6e452684224953f3a5fa1e30648696f598bf109ed54234df218a9164bee987']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d82-9844-4939-b231-404d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:54.000Z",
"modified": "2017-05-29T15:25:54.000Z",
"pattern": "[file:hashes.SHA256 = '8f51309bfb5807dc22a44f5f787d71afef465a11690db819939540471c4872da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d83-c6c0-4287-ae0a-4bde950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:55.000Z",
"modified": "2017-05-29T15:25:55.000Z",
"pattern": "[file:hashes.SHA256 = '0d10de22eab391e08fd04048f06959fe94bb2931f167f86c1099ec9402df6923']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d83-a3fc-4394-a656-497f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:55.000Z",
"modified": "2017-05-29T15:25:55.000Z",
"pattern": "[file:hashes.SHA256 = '8580074549b44b68c912a95b8765097a0a084c117e4f976d1bc739fccef4c92d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d84-9990-4d09-a8e9-422e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:56.000Z",
"modified": "2017-05-29T15:25:56.000Z",
"pattern": "[file:hashes.SHA256 = '80ca5523ddfbba7e84cc08b23b57687b26f64d22bad13c3bc107c2e780e5b259']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d85-f074-4e11-be03-4949950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:57.000Z",
"modified": "2017-05-29T15:25:57.000Z",
"pattern": "[file:hashes.SHA256 = '19f451134858971b4468163c550fb8906c0dcceacf09674ae725dfe252f7ac47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d85-9f08-46ac-ab95-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:57.000Z",
"modified": "2017-05-29T15:25:57.000Z",
"pattern": "[file:hashes.SHA256 = '026c875f39059bf04999964cbf02eb546d0080c4e9f7cc5227166ec8e57f7373']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d86-6b88-4168-a63b-4bab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:58.000Z",
"modified": "2017-05-29T15:25:58.000Z",
"pattern": "[file:hashes.SHA256 = 'da29b843602a24fd59c39cba899b8f4bf13b1b1fe6e9065c0f494285b68c9484']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d87-42e8-462f-86f6-4851950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:59.000Z",
"modified": "2017-05-29T15:25:59.000Z",
"pattern": "[file:hashes.SHA256 = '2358d0e115ae6bea3624b29ff1ac6819f738eccc3bb0cfaaf9eb4c10aeee9d3e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d87-866c-453b-a0d9-476f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:25:59.000Z",
"modified": "2017-05-29T15:25:59.000Z",
"pattern": "[file:hashes.SHA256 = 'b3f4eb073d4da1808f9ddcc198ab60e2184a9265547ac48c186e95431a0aa92e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d88-8498-44d1-9719-4131950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:00.000Z",
"modified": "2017-05-29T15:26:00.000Z",
"pattern": "[file:hashes.SHA256 = 'a649adc93e67e6bb58fa6178d2b08cb39c634dd12fbccd2e35075e2598c8cb54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d89-2408-467f-98b1-4c4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:01.000Z",
"modified": "2017-05-29T15:26:01.000Z",
"pattern": "[file:hashes.SHA256 = '3f3a89d0fd83b16c40f4a26e06a789604a723b856a8cf7840a8ef711803cce91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d89-1074-457a-bc0e-4d9a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:01.000Z",
"modified": "2017-05-29T15:26:01.000Z",
"pattern": "[file:hashes.SHA256 = '23a3e1b662b12882fc2c605880766bec1e632e13b463371f880380f46d17bdc9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8b-05f0-4f3d-98e3-4af8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:03.000Z",
"modified": "2017-05-29T15:26:03.000Z",
"pattern": "[file:hashes.SHA256 = '2abb9964788de90baf578b7782cd75f8dd4c3467ffd24b2c4cacce1dd1438147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8d-7380-48ee-b5b0-4435950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:05.000Z",
"modified": "2017-05-29T15:26:05.000Z",
"pattern": "[file:hashes.SHA256 = '56ec5c0418cc078cd25b443a2feef3cda2f66884c838ad48c9882cd67d515e36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8d-9138-4bfd-ab08-40ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:05.000Z",
"modified": "2017-05-29T15:26:05.000Z",
"pattern": "[file:hashes.SHA256 = '021a31a260240bc7e857edcf3e8aee89e1efd2023d535270becc85ebd3deaf69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8e-a338-4466-8b72-4da3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:06.000Z",
"modified": "2017-05-29T15:26:06.000Z",
"pattern": "[file:hashes.SHA256 = 'edece9aa2b28d9206741678dc34f864ac86029ffa040012e84fed414b2ba8fa9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8f-3554-4444-898f-4823950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:07.000Z",
"modified": "2017-05-29T15:26:07.000Z",
"pattern": "[file:hashes.SHA256 = '2796257c07ef8e3b0745b97877b5e2b5ee74d2a0473e1202ba139fc1fd589033']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d8f-c4ec-454f-98d1-473f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:07.000Z",
"modified": "2017-05-29T15:26:07.000Z",
"pattern": "[file:hashes.SHA256 = '70548fe56d61529869a0006288f7821df8e71e0a47bcd5f302c2feae8c92fb60']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d90-f060-42ea-a5ef-4f9e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:08.000Z",
"modified": "2017-05-29T15:26:08.000Z",
"pattern": "[file:hashes.SHA256 = 'a089e2e04ff797a315bffccbe2d1806b91470ed8f6090c28840855b2d26b79a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d91-2d44-47af-b0f4-4715950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:09.000Z",
"modified": "2017-05-29T15:26:09.000Z",
"pattern": "[file:hashes.SHA256 = 'ba214a3319920de9f536c39e78c7eb43627abd7f3c014424988276283ca696b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d91-0b28-4c92-9768-43d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:09.000Z",
"modified": "2017-05-29T15:26:09.000Z",
"pattern": "[file:hashes.SHA256 = 'fde56e2912fec05e1291ded736efad23cdc0ae4b150635b7c58df406a658ba4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d92-05ec-4be2-ba67-437f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:10.000Z",
"modified": "2017-05-29T15:26:10.000Z",
"pattern": "[file:hashes.SHA256 = 'bf028af59e6710f3f35d7d5ca5a877f7291fec72fa37ff483e9526f672186ee2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d93-d664-45d6-88d2-41d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:11.000Z",
"modified": "2017-05-29T15:26:11.000Z",
"pattern": "[file:hashes.SHA256 = 'adc8c241232e10539644bac90a827e3d4b32066882ffddb06cbc1c98869f360f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d93-4cb4-4570-aba2-4e6b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:11.000Z",
"modified": "2017-05-29T15:26:11.000Z",
"pattern": "[file:hashes.SHA256 = 'fb1a763fb794847e594488bcb4fb2192d4a333e3fe467feed919d5df51b6f659']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d95-90ec-4064-949a-4c90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:13.000Z",
"modified": "2017-05-29T15:26:13.000Z",
"pattern": "[file:hashes.SHA256 = '59cf55cc5b9c77c3d6c78b2893c0ed9db8b2d06d1d69c09c884ccc2d8de059ae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d95-4b80-4ddf-b679-445b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:13.000Z",
"modified": "2017-05-29T15:26:13.000Z",
"pattern": "[file:hashes.SHA256 = 'd59ab00443886f94d3eb94cde30f7f3e7ce69008e575bcde0c4648c58e225a73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d96-2b4c-407c-9311-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:14.000Z",
"modified": "2017-05-29T15:26:14.000Z",
"pattern": "[file:hashes.SHA256 = 'ab8732bf86b5ac98d5a18b004a5460935d2e39e394a70fb0ba3b6d8fe003c54d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d97-6e78-49e7-bbc8-4acb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:15.000Z",
"modified": "2017-05-29T15:26:15.000Z",
"pattern": "[file:hashes.SHA256 = '7b305be0829c0596b9dbb34705f1ce9574dbc5e60c36166ec9a157db4c416e46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d97-e8e4-4d51-a904-4287950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:15.000Z",
"modified": "2017-05-29T15:26:15.000Z",
"pattern": "[file:hashes.SHA256 = '7452e4ab6f663bd93535ea82156e1bdce49397cbf6d4b2041bc4bb197a16d5f6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d98-ea34-4efe-b24a-4854950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:16.000Z",
"modified": "2017-05-29T15:26:16.000Z",
"pattern": "[file:hashes.SHA256 = '2ed1ebba021fbe102b7195a8cf239af6754a2276070bd595260f795e28ff1bb1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d99-4d68-4d1e-9091-4c87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:17.000Z",
"modified": "2017-05-29T15:26:17.000Z",
"pattern": "[file:hashes.SHA256 = '7ebd930b0b98479929ec1c8faeb9f69d8acb1e6c3126bb1e553be589bb3c43ba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d99-bfe0-423c-b241-4857950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:17.000Z",
"modified": "2017-05-29T15:26:17.000Z",
"pattern": "[file:hashes.SHA256 = '07925dd684622d1e9cb263fafd71747f9232acab5030f1c960d78b12e79cc39f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9a-dfbc-48b5-99dd-477e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:18.000Z",
"modified": "2017-05-29T15:26:18.000Z",
"pattern": "[file:hashes.SHA256 = 'daa675a9bcfe5b8e1f8ec2152a03c0ce911c00d705dbd9f6fcd86605c7c09c34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9b-3578-4566-ad68-4d7a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:19.000Z",
"modified": "2017-05-29T15:26:19.000Z",
"pattern": "[file:hashes.SHA256 = 'd2fc877e251e391018f66f761b5d00119c085bb3118bb61c3435b0f3f384971a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9b-af08-479a-866f-4a0a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:19.000Z",
"modified": "2017-05-29T15:26:19.000Z",
"pattern": "[file:hashes.SHA256 = '23746ee8eff0f9e9397f8e3d07ed0827cd99f56e6d462fda38e58ad19996800f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9c-b4c0-4117-a4d0-4aeb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:20.000Z",
"modified": "2017-05-29T15:26:20.000Z",
"pattern": "[file:hashes.SHA256 = '01d22c19648e86a0a648ba43a44133dd0bea8a5a84d986a8ef99f294fb2e5828']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9d-f810-4f74-b895-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:21.000Z",
"modified": "2017-05-29T15:26:21.000Z",
"pattern": "[file:hashes.SHA256 = '9fd15ea4f3cc2a8764edcda6f0514ffb76cc3654daf1c71e6635d7d7de456871']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9d-2948-4ee8-b36b-44e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:21.000Z",
"modified": "2017-05-29T15:26:21.000Z",
"pattern": "[file:hashes.SHA256 = '9643623f409f602a10b93b44b4684ebe761d280f57d2e2a25b620de177c758b9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9e-f4ec-40aa-ac2f-47a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:22.000Z",
"modified": "2017-05-29T15:26:22.000Z",
"pattern": "[file:hashes.SHA256 = '27ac68d80ad7a2e92feba097fad67a31cbfd796e0e91d5adaad0135ca8c62a31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3d9f-1aa8-4e18-80c4-4a7a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:23.000Z",
"modified": "2017-05-29T15:26:23.000Z",
"pattern": "[file:hashes.SHA256 = '6f9c5c6deb9eba489d00837e06ee41e1cf3eab4ecb0041fcf1e53220197902bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da0-3668-430a-a5d9-436f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:24.000Z",
"modified": "2017-05-29T15:26:24.000Z",
"pattern": "[file:hashes.SHA256 = 'e8d788b2779cc29c26a9718aedd4f08ef3aa2fc23dd1824fa66391b0f92fdaef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da2-0690-4ba6-9997-45ea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:26.000Z",
"modified": "2017-05-29T15:26:26.000Z",
"pattern": "[file:hashes.SHA256 = 'd047c8672d630c4bc0ee7baec367dec4f56f7ed09bd26265140c4798cd4d4e1c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da2-4940-41db-9fcb-4b93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:26.000Z",
"modified": "2017-05-29T15:26:26.000Z",
"pattern": "[file:hashes.SHA256 = 'd91365c23ec06335d39137620ac4fc9df8b050e10398d1fe639bae2d86f27ff9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da3-1f68-4c93-a5ba-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:27.000Z",
"modified": "2017-05-29T15:26:27.000Z",
"pattern": "[file:hashes.SHA256 = '2831c27005fc8a01c8524a3f81c6f144f4edc982b7e89f1b95c169896b287579']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da4-d954-4f93-8746-4272950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:28.000Z",
"modified": "2017-05-29T15:26:28.000Z",
"pattern": "[file:hashes.SHA256 = 'f4f3e12566188886832411716074a33f62bfba8ee0c7eca1339fe68864d3e53b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da5-bddc-41c9-b1df-45c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:29.000Z",
"modified": "2017-05-29T15:26:29.000Z",
"pattern": "[file:hashes.SHA256 = 'e0f3bcd3feeb05882dbd3a3ea46e55d7a3fa7f2c9729216e75863fe587ab8d72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da5-7794-4723-8e96-458f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:29.000Z",
"modified": "2017-05-29T15:26:29.000Z",
"pattern": "[file:hashes.SHA256 = '0028a60cb275b3a1b71b3dd50deda4e80966f28ff8ba5360f0ad0d16769ef128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da6-975c-4b0b-8776-4c2a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:30.000Z",
"modified": "2017-05-29T15:26:30.000Z",
"pattern": "[file:hashes.SHA256 = '1d4575d5adc33445cbec610ad5e3479a0355a79c5c60ad923cb0fee1570e8c7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da7-9700-4bb1-bfe8-492c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:31.000Z",
"modified": "2017-05-29T15:26:31.000Z",
"pattern": "[file:hashes.SHA256 = '34303f3725bde832adf44019b84a9b81e7b5264b3c12c2770c294ba470b72323']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da7-ed78-476e-9260-4366950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:31.000Z",
"modified": "2017-05-29T15:26:31.000Z",
"pattern": "[file:hashes.SHA256 = '7cd2e1ce91629f18e7292047892bde90a327da6c32ea7c9284057b046b5e8370']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da8-f880-4789-bc02-4e4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:32.000Z",
"modified": "2017-05-29T15:26:32.000Z",
"pattern": "[file:hashes.SHA256 = '36dfc8e7ff48cf14013c857cade05224321e548f7959257061aba396632c39f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3da9-3b78-4a0b-b840-4ba2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:33.000Z",
"modified": "2017-05-29T15:26:33.000Z",
"pattern": "[file:hashes.SHA256 = 'f7f4aaab870c556b771547e7625c8cd6e010e843591c8d067b279c6a206a0d7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3daa-91e0-4d86-bfe9-4b8e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:34.000Z",
"modified": "2017-05-29T15:26:34.000Z",
"pattern": "[file:hashes.SHA256 = '3eba28013381a579665701bb4d770693f79ea8d37abc71207e114f253aa52dab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3daa-3384-46fa-a04d-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:34.000Z",
"modified": "2017-05-29T15:26:34.000Z",
"pattern": "[file:hashes.SHA256 = 'fec5333a91c3df3ab4da0ed1aa3ad771e62169cbd4ad284835a2355544c755b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dab-3808-48f4-9e34-41a3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:35.000Z",
"modified": "2017-05-29T15:26:35.000Z",
"pattern": "[file:hashes.SHA256 = '34cd7fca3fe9edb6ef5552707a7b87a094c0a1d3e37448c779139fac4139e0ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dac-3d6c-41a5-a72e-41c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:36.000Z",
"modified": "2017-05-29T15:26:36.000Z",
"pattern": "[file:hashes.SHA256 = '150075ed087928dbb62f359dfe12a86f9f255deb2ed652267b345397a81c1baf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dac-6f9c-4ebe-b184-4bf4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:36.000Z",
"modified": "2017-05-29T15:26:36.000Z",
"pattern": "[file:hashes.SHA256 = '521e9fd88832c545eb90952d3fe5fcffd82b62f415ffcf963305c1d8163c16a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dad-e678-4885-81a8-4630950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:37.000Z",
"modified": "2017-05-29T15:26:37.000Z",
"pattern": "[file:hashes.SHA256 = '1be508c38dab32e9d684bed0f12395da1059441ca3f57068f64bbf651c43994d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dae-2ae8-418c-8775-46d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:38.000Z",
"modified": "2017-05-29T15:26:38.000Z",
"pattern": "[file:hashes.SHA256 = '7e511829841e8c690f68b753a6088ac3b5c7125f5b20a9bb385b8ca7c22c7778']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dae-3478-4295-a905-4757950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:38.000Z",
"modified": "2017-05-29T15:26:38.000Z",
"pattern": "[file:hashes.SHA256 = 'd08b9e269b095fe4828a4f5b51f19ba7d5a2113a3443f5c9da94d297ee11f9e1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3daf-6348-4c9a-b51f-4be6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:39.000Z",
"modified": "2017-05-29T15:26:39.000Z",
"pattern": "[file:hashes.SHA256 = 'b5609041250db2208783d178b586e9fa39e8000749e8462e079626b8d0dda69a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db0-6ae4-49a0-a2e6-4333950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:40.000Z",
"modified": "2017-05-29T15:26:40.000Z",
"pattern": "[file:hashes.SHA256 = '4d0380c0d0b4d5a0e80304ab50ed9b71c45a7196353ac6d0c079e02d94dbc7db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db0-afcc-408f-aaab-4c35950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:40.000Z",
"modified": "2017-05-29T15:26:40.000Z",
"pattern": "[file:hashes.SHA256 = '88715106f788c9d19947f19624f02cfbdc63c20a69e35e44c2ac6576592dcce6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db1-cddc-46af-94a6-447c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:41.000Z",
"modified": "2017-05-29T15:26:41.000Z",
"pattern": "[file:hashes.SHA256 = '1b20df8df7f84ad29d81ccbe276f49a6488c2214077b13da858656c027531c80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db2-5960-4062-865e-4a52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:42.000Z",
"modified": "2017-05-29T15:26:42.000Z",
"pattern": "[file:hashes.SHA256 = '401ae7f71bfd16f5343c2ab6396e8e3e9e6c1ac29a1d0467b6bf102d01bbfbfd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db3-8710-4515-a2c0-479f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:43.000Z",
"modified": "2017-05-29T15:26:43.000Z",
"pattern": "[file:hashes.SHA256 = 'a79c444edd3ef619f3d54e1e92d551b858eaf36585e1c53b64300e70c212ba55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db4-bc00-431f-bb51-449a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:44.000Z",
"modified": "2017-05-29T15:26:44.000Z",
"pattern": "[file:hashes.SHA256 = 'a50dcd0f2512881031c176640ae89f23950eb2dd4b13c5084df6d80a513603b4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db4-52a8-43bb-aa21-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:44.000Z",
"modified": "2017-05-29T15:26:44.000Z",
"pattern": "[file:hashes.SHA256 = '3a85174be47f280304e515fd9ff358ee801d77bd9267993a0f6322e513676ea5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db5-f01c-4a99-af20-4898950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:45.000Z",
"modified": "2017-05-29T15:26:45.000Z",
"pattern": "[file:hashes.SHA256 = 'b1c0888704425429281c825ea4be8b412f1f08b507d41a035cf637424aa39dc9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db6-272c-4c19-a5c2-4936950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:46.000Z",
"modified": "2017-05-29T15:26:46.000Z",
"pattern": "[file:hashes.SHA256 = '1e4ea9541f937d77ed52552120262a74b2b029c5dc65028b8449fdfc515d1f0e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db6-a6f0-46c1-8f7c-4ab2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:46.000Z",
"modified": "2017-05-29T15:26:46.000Z",
"pattern": "[file:hashes.SHA256 = 'd5056a766c12ab50404fcade3572adae2b9bd716dbc41c4ccb73e1d154e45852']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db7-1560-4a6f-aa43-48cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:47.000Z",
"modified": "2017-05-29T15:26:47.000Z",
"pattern": "[file:hashes.SHA256 = 'ff3a5cb82c0d5b894eda17fe4288029ebc1bb5371e3cea6afca963abb0dd85c9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db8-5430-4ec6-9500-4fca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:48.000Z",
"modified": "2017-05-29T15:26:48.000Z",
"pattern": "[file:hashes.SHA256 = 'b8bc53bb70dac351890c5834a6a498213c4a8d3aab4720f9189f5fec5983106e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db8-f794-4d1d-87c0-4025950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:48.000Z",
"modified": "2017-05-29T15:26:48.000Z",
"pattern": "[file:hashes.SHA256 = '8f2479bbcb7077d2dddcb9509ffeff7cc4f8d29fcb67d4c3c64526aa2bb4cb56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3db9-f8a0-47ca-b57a-4b4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:49.000Z",
"modified": "2017-05-29T15:26:49.000Z",
"pattern": "[file:hashes.SHA256 = '0c4eaf72092beeb8769bc6286aeae24256df3c2f0fe58bf4c4d11d3db3fae59b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dba-7724-4274-afca-4ba5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:50.000Z",
"modified": "2017-05-29T15:26:50.000Z",
"pattern": "[file:hashes.SHA256 = '3465e0045f3b462b02d0f9426e0f10c68b4a1cb3c411dd35b92c3c95681701c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbb-fce4-444c-aff3-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:51.000Z",
"modified": "2017-05-29T15:26:51.000Z",
"pattern": "[file:hashes.SHA256 = '6ed2f72357e696a4572fc8b91b5f1e8dc5581dd6faa9ae93af06cd2b24e4bc65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbb-f684-4bd5-8e86-42b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:51.000Z",
"modified": "2017-05-29T15:26:51.000Z",
"pattern": "[file:hashes.SHA256 = '5819f7d87695a52c407f8cbba1028f8bccf5144e4005fec5d8fbabe43bb61c94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbc-f16c-4247-ac79-4fe9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:52.000Z",
"modified": "2017-05-29T15:26:52.000Z",
"pattern": "[file:hashes.SHA256 = '2ba49f48d16dfffbaf4065b83f483f17f98344e08d9f94d8d552442c03b1ab20']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbd-f408-42c8-a711-403c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:53.000Z",
"modified": "2017-05-29T15:26:53.000Z",
"pattern": "[file:hashes.SHA256 = 'e99e0aaf085c6a0569624345e67b4f546597494e8a65c2ef1f7b07755b8c6949']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbe-c568-4239-ba4a-459a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:54.000Z",
"modified": "2017-05-29T15:26:54.000Z",
"pattern": "[file:hashes.SHA256 = '9eea1612d080a8146ef1bd84cf4dce73a22fe71999667b710c163f0a73da274c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbf-8b3c-4c93-8fb0-4d0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:55.000Z",
"modified": "2017-05-29T15:26:55.000Z",
"pattern": "[file:hashes.SHA256 = 'a1c84ae023c742be66419e5aaa1a4571aa4d81d74bca58cbcbe1bdc1ad157cb5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dbf-6f68-4b9e-b72e-4790950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:55.000Z",
"modified": "2017-05-29T15:26:55.000Z",
"pattern": "[file:hashes.SHA256 = 'bc3b3ed17a244cc835dbf99f9872f8c778c10a74ff09c359f93857b3ac899a18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc0-858c-4f88-a9ff-4a06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:56.000Z",
"modified": "2017-05-29T15:26:56.000Z",
"pattern": "[file:hashes.SHA256 = 'dc755293c8f0a55369dcb89869adf95ea9f0353009ff098051d34a129ccc5f71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc1-6df8-438d-b52f-42f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:57.000Z",
"modified": "2017-05-29T15:26:57.000Z",
"pattern": "[file:hashes.SHA256 = 'f0dd1cba6d5fa4378fbfe72a3a340a953badecec9f73650774677bf14c5d7643']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc1-64cc-4940-a4fa-44f0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:57.000Z",
"modified": "2017-05-29T15:26:57.000Z",
"pattern": "[file:hashes.SHA256 = '12298a5550bfae845aa2ec091c287a4becd7b9a013f3cdfc514261cd91f99734']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc2-2fa8-4029-982c-46e2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:58.000Z",
"modified": "2017-05-29T15:26:58.000Z",
"pattern": "[file:hashes.SHA256 = 'fdd30ff646b855d814b04fb04cf9e6c9dbd950bcd141ea29a102cc0f58c17af2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc3-6d18-4cb5-90dd-40b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:59.000Z",
"modified": "2017-05-29T15:26:59.000Z",
"pattern": "[file:hashes.SHA256 = 'e28a8dc9ce4bcf6d436e771284c30175a3fabb0beca94e00af05ba5a4a19c7a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc3-9ccc-4bff-8783-4ae6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:26:59.000Z",
"modified": "2017-05-29T15:26:59.000Z",
"pattern": "[file:hashes.SHA256 = 'dcd8a4670e969ec04b67d130c08d42a8c1cbfcfcc02c42a94ae9045d92ee2034']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:26:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc4-43b4-4b60-aacd-4fcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:00.000Z",
"modified": "2017-05-29T15:27:00.000Z",
"pattern": "[file:hashes.SHA256 = '375f17ccb9eeb41828b75ede1080e2f8922bf87212c04d021da3db9400cddbc8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc5-a980-47b7-a678-4d7f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:01.000Z",
"modified": "2017-05-29T15:27:01.000Z",
"pattern": "[file:hashes.SHA256 = 'eaed577de21d37e92ce798689d14cef31f839a63ec40eada92e4fde7c76e027c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc5-fb0c-4e44-9e71-4124950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:01.000Z",
"modified": "2017-05-29T15:27:01.000Z",
"pattern": "[file:hashes.SHA256 = '922d7fc086f037d90d0266526a4f1d95c281dc278553a0f3a4a36aae29f3354e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc6-2428-4fdd-a3d6-4767950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:02.000Z",
"modified": "2017-05-29T15:27:02.000Z",
"pattern": "[file:hashes.SHA256 = '149dbf6ff2141167312fa7eabbcf48066db072bb9f23deeb12d3723246f4d26d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc7-7850-493a-9222-413a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:03.000Z",
"modified": "2017-05-29T15:27:03.000Z",
"pattern": "[file:hashes.SHA256 = 'c1034cd0c8d0c3d43c508f06c4d98c3be174581a4b6fe3f06bc523f588e08a4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc8-5844-4d85-ac03-408b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:04.000Z",
"modified": "2017-05-29T15:27:04.000Z",
"pattern": "[file:hashes.SHA256 = '06c235413370e243051ac0104c28bd90fd18d896c783e98283fb64977887f411']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc9-1b78-4430-969d-406a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:05.000Z",
"modified": "2017-05-29T15:27:05.000Z",
"pattern": "[file:hashes.SHA256 = '4dcad7d9ce8d5868281c4fc497a928ac8ffd16e895ada7389be9e17449b25652']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dc9-855c-4526-936e-4c3f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:05.000Z",
"modified": "2017-05-29T15:27:05.000Z",
"pattern": "[file:hashes.SHA256 = '52f25c4e08a80b740806322d52ed5b120b2c0eae094946d452bd45a494b09fd6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dca-9138-43bb-823c-4ec4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:06.000Z",
"modified": "2017-05-29T15:27:06.000Z",
"pattern": "[file:hashes.SHA256 = '991fe0a490cf85a83a93a744838edf9da53fa474efe6314b50336eb589f07c48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcb-c4b4-4e25-9342-4604950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:07.000Z",
"modified": "2017-05-29T15:27:07.000Z",
"pattern": "[file:hashes.SHA256 = 'f684470dafcf21154905d656e0adc274d5b30705c6b85f619f9855284e9bf14a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcb-f0d0-4439-b208-41f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:07.000Z",
"modified": "2017-05-29T15:27:07.000Z",
"pattern": "[file:hashes.SHA256 = '77a8805d5fb12d6a4b575be1feb4a9c45688973651eea239907c53afd8d845d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcc-4204-4173-86f7-411f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:08.000Z",
"modified": "2017-05-29T15:27:08.000Z",
"pattern": "[file:hashes.SHA256 = 'dc62eadc50a98b1dcec1254b9151e9fdd36152d954f0780bbe5cd8d3090759fa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcd-f91c-408f-8100-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:09.000Z",
"modified": "2017-05-29T15:27:09.000Z",
"pattern": "[file:hashes.SHA256 = '78c40399cce98a79090c0ea7d505f84369be0e481b70ac46ec4d6bf2127f9842']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcd-112c-4dd8-ae22-4ef3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:09.000Z",
"modified": "2017-05-29T15:27:09.000Z",
"pattern": "[file:hashes.SHA256 = '697e4a24ab48f845bc02f517917bfe7680c9aa5de225eb6ef13087a80865abbe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dce-87f8-4699-8fba-4cc2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:10.000Z",
"modified": "2017-05-29T15:27:10.000Z",
"pattern": "[file:hashes.SHA256 = '5e68e363783f3b573a7a6b74bf781e08fc11a22349cf905981ead7378d7fa9df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcf-0944-49df-82fc-42d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:11.000Z",
"modified": "2017-05-29T15:27:11.000Z",
"pattern": "[file:hashes.SHA256 = 'cfc929cd49e24589a6425d4ed95e7ffefc527f59570216e6739cfd0d90200cdc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dcf-6458-42b4-be7c-433e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:11.000Z",
"modified": "2017-05-29T15:27:11.000Z",
"pattern": "[file:hashes.SHA256 = '6cc61fdd6a01090effd25772658a69e864a56c1c1422832a3cbce95a2a048f07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd0-50e0-48b9-8694-4c01950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:12.000Z",
"modified": "2017-05-29T15:27:12.000Z",
"pattern": "[file:hashes.SHA256 = '1b714a7fd925931386095d492ac75406240a99473fa7ee9359caab4650f5dcac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd1-8874-49ea-a390-4e01950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:13.000Z",
"modified": "2017-05-29T15:27:13.000Z",
"pattern": "[file:hashes.SHA256 = '6e91568979df730e37dbe545d96e51947769a568d7a911b2d7e2bc0f7efbbdf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd2-be1c-4c68-aef1-462e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:14.000Z",
"modified": "2017-05-29T15:27:14.000Z",
"pattern": "[file:hashes.SHA256 = '592b8e2597e20db8898a6180de4193180c6db54d6ea03ae8d12228b31548b805']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd2-588c-44ee-b685-4c6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:14.000Z",
"modified": "2017-05-29T15:27:14.000Z",
"pattern": "[file:hashes.SHA256 = 'f7b1b8376556adc1852f99534d481d490c387cffabbd605bddb2ab129edf7fc7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd4-c734-44a0-b4f5-4800950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:16.000Z",
"modified": "2017-05-29T15:27:16.000Z",
"pattern": "[file:hashes.SHA256 = '856c4a7f3e248c910f2af7f3318be0db86e44094e42b8c915700d98ba962aa85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd5-f060-4ac1-a41b-4f55950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:17.000Z",
"modified": "2017-05-29T15:27:17.000Z",
"pattern": "[file:hashes.SHA256 = '2f3740c8de802e42f4e5892002e1519f3acfc4af8b761459b80da44577218fc1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd5-6bd0-4553-9f48-467d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:17.000Z",
"modified": "2017-05-29T15:27:17.000Z",
"pattern": "[file:hashes.SHA256 = '1d09c5830eb76c322e455d7c8143096a21edb33019df8d2fe056d65ee8505907']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd6-e32c-44e9-b482-447c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:18.000Z",
"modified": "2017-05-29T15:27:18.000Z",
"pattern": "[file:hashes.SHA256 = 'a2205dfcfa3dcfb13bfd1b67349ab148d23fd0ce78b8d9d6e7c7cca75ff60417']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd7-9138-497b-ba65-42e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:19.000Z",
"modified": "2017-05-29T15:27:19.000Z",
"pattern": "[file:hashes.SHA256 = 'eb4023f3d34834cd3a33d715a53c97489957c92cd94b16df0b8e7ce5d73cebf5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd8-45a4-49b8-9640-4be9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:20.000Z",
"modified": "2017-05-29T15:27:20.000Z",
"pattern": "[file:hashes.SHA256 = '08275c0ffdc007eb38a973efd9655b38452509f6269ce14508109954bbed7307']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd8-3b10-48c8-b62e-4e8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:20.000Z",
"modified": "2017-05-29T15:27:20.000Z",
"pattern": "[file:hashes.SHA256 = '059cf648a0f81d80f46e071f0012dc0408845902e6bc57187e0173960c3ea6aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dd9-3370-45c3-bcbf-4bbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:21.000Z",
"modified": "2017-05-29T15:27:21.000Z",
"pattern": "[file:hashes.SHA256 = '85d397518cb6c34dea735d4b7c7ab3eec48816939cac164aff1d266070ba75ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dda-c71c-47b5-8b50-483b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:22.000Z",
"modified": "2017-05-29T15:27:22.000Z",
"pattern": "[file:hashes.SHA256 = 'aee471e546bcdecdb139d8aa68752f2663fdc694a0c1506d8b8997d46754db64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddb-3144-49f4-ad29-4149950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:23.000Z",
"modified": "2017-05-29T15:27:23.000Z",
"pattern": "[file:hashes.SHA256 = '97ae9952c1ea7acb6153275c97cb2fe02d20bf3a571ddc42a93e5ea43fa8f851']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddc-d96c-4dff-ad1f-4b8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:24.000Z",
"modified": "2017-05-29T15:27:24.000Z",
"pattern": "[file:hashes.SHA256 = '1c9a38565b40017051269a7cc37696127622de66f45961042a3f7e53596fed10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddd-ca34-4f8d-914e-4710950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:24.000Z",
"modified": "2017-05-29T15:27:24.000Z",
"pattern": "[file:hashes.SHA256 = 'fc274c440954257e4f75ee7e5883740a38b5acf927b37c0cb30feec4f1838a70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddd-3414-4fc7-a49b-41ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:25.000Z",
"modified": "2017-05-29T15:27:25.000Z",
"pattern": "[file:hashes.SHA256 = 'ca5dc8e2ab2a6017584cd71091961dbd31a7788c862ff82d6b2ae47038925f08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dde-631c-471d-bbe7-47fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:26.000Z",
"modified": "2017-05-29T15:27:26.000Z",
"pattern": "[file:hashes.SHA256 = '77d4bc7f3520dd8dad35f0ec598e9134648b5ac8b8307978286905804d029f49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddf-0e74-4039-b4f3-4935950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:27.000Z",
"modified": "2017-05-29T15:27:27.000Z",
"pattern": "[file:hashes.SHA256 = '3637cde0a8edcf49a018069e7c71efbdaeac6b0a48939c9c62d888641c4fa345']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ddf-5348-4bfc-9a4c-435b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:27.000Z",
"modified": "2017-05-29T15:27:27.000Z",
"pattern": "[file:hashes.SHA256 = '6d9bcc55e8c8d7fccb6c9c691c293f00546846e9afcbf9b85fcefc1d7878cc1e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de0-9348-47a3-af7a-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:28.000Z",
"modified": "2017-05-29T15:27:28.000Z",
"pattern": "[file:hashes.SHA256 = '15d4114de49f969fd58808c29db6de382b75808d36abfaff0330e6bfe3cb406f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de1-a8a8-41d7-adc5-44b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:29.000Z",
"modified": "2017-05-29T15:27:29.000Z",
"pattern": "[file:hashes.SHA256 = '7398b09bd137f5b4c21bc8c9ac160c73a1b2694b5b21d8d1eacc2138af4002dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de1-0824-4c59-814b-4560950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:29.000Z",
"modified": "2017-05-29T15:27:29.000Z",
"pattern": "[file:hashes.SHA256 = '4f9c459429176708614721d79b0257db27bdc20a9eb7fb5327f89286614f7140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de2-4d50-4800-80a2-40cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:30.000Z",
"modified": "2017-05-29T15:27:30.000Z",
"pattern": "[file:hashes.SHA256 = 'cacac460d06100ef43525cc4b801a4eafdff8389e3cef8062232af933b8a4f27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de3-bb7c-452c-8496-4304950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:31.000Z",
"modified": "2017-05-29T15:27:31.000Z",
"pattern": "[file:hashes.SHA256 = '7d04ad5b9b267e70a481fd099cb518520e993cdd8e54e3651045461039d04b50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de4-9528-48dd-89fc-4bef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:32.000Z",
"modified": "2017-05-29T15:27:32.000Z",
"pattern": "[file:hashes.SHA256 = '77ea209c537f6ab895a014bc80f6c93d7b55529ea169a878910306cf99528495']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de5-c6d4-442f-9784-467e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:33.000Z",
"modified": "2017-05-29T15:27:33.000Z",
"pattern": "[file:hashes.SHA256 = '37ca0d1abd3966242596588ab4c08aa7f997e1a9da2f4dde74fd06c8cf753abd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de5-49c0-4452-b666-49c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:33.000Z",
"modified": "2017-05-29T15:27:33.000Z",
"pattern": "[file:hashes.SHA256 = 'daaef90ec2f34a6d17fd3b59ff9f6b84a89acdad53ef5ca56e57f211d7dabfe5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de6-af88-4bfe-8e6d-42cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:34.000Z",
"modified": "2017-05-29T15:27:34.000Z",
"pattern": "[file:hashes.SHA256 = 'bd02bd070ccfe98e95d80b07ed02e6b5f965543b3576c624c9a2e5792088753f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de7-9378-486b-a4ee-498d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:35.000Z",
"modified": "2017-05-29T15:27:35.000Z",
"pattern": "[file:hashes.SHA256 = '5fd3de216ba8db224a8ef7334b124446bbc496cd841dd634b98f4c7875bf78c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de7-37c8-443f-b96e-4c31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:35.000Z",
"modified": "2017-05-29T15:27:35.000Z",
"pattern": "[file:hashes.SHA256 = '480e97745040ae4b31d308ec10bd76204aa149f9a1bb16be5e77c3359ef87f38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de8-8a70-44ef-b424-481f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:36.000Z",
"modified": "2017-05-29T15:27:36.000Z",
"pattern": "[file:hashes.SHA256 = '7b8d566d79c42d9850929c756783e134f55f71378d11858b9645e5d1e21fb96f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3de9-2ae8-4fe4-99ab-436b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:37.000Z",
"modified": "2017-05-29T15:27:37.000Z",
"pattern": "[file:hashes.SHA256 = '37b9b9ce9b607664bc1bfec7b5442f7bf50b9bb8c30385c43b574c951bc9af87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dea-592c-4fa8-baa2-4cbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:38.000Z",
"modified": "2017-05-29T15:27:38.000Z",
"pattern": "[url:value = 'gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dea-bbb4-40bf-a730-408b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:38.000Z",
"modified": "2017-05-29T15:27:38.000Z",
"pattern": "[domain-name:value = 'gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3deb-be04-4396-93c8-4989950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:39.000Z",
"modified": "2017-05-29T15:27:39.000Z",
"first_observed": "2017-05-29T15:27:39Z",
"last_observed": "2017-05-29T15:27:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3deb-be04-4396-93c8-4989950d210f",
"ipv4-addr--592c3deb-be04-4396-93c8-4989950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3deb-be04-4396-93c8-4989950d210f",
"dst_ref": "ipv4-addr--592c3deb-be04-4396-93c8-4989950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3deb-be04-4396-93c8-4989950d210f",
"value": "172.217.18.5"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dec-e418-4d2a-9877-4c6f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:40.000Z",
"modified": "2017-05-29T15:27:40.000Z",
"pattern": "[url:value = 'http://173.212.231.123/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:41.000Z",
"modified": "2017-05-29T15:27:41.000Z",
"first_observed": "2017-05-29T15:27:41Z",
"last_observed": "2017-05-29T15:27:41Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"ipv4-addr--592c3ded-7490-4cc4-9df6-4ca5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"dst_ref": "ipv4-addr--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3ded-7490-4cc4-9df6-4ca5950d210f",
"value": "173.212.231.123"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3ded-44e8-4e3f-8514-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:41.000Z",
"modified": "2017-05-29T15:27:41.000Z",
"pattern": "[url:value = 'http://45.76.161.196/bady/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3dee-34cc-4771-8939-4d50950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:42.000Z",
"modified": "2017-05-29T15:27:42.000Z",
"first_observed": "2017-05-29T15:27:42Z",
"last_observed": "2017-05-29T15:27:42Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3dee-34cc-4771-8939-4d50950d210f",
"ipv4-addr--592c3dee-34cc-4771-8939-4d50950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3dee-34cc-4771-8939-4d50950d210f",
"dst_ref": "ipv4-addr--592c3dee-34cc-4771-8939-4d50950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3dee-34cc-4771-8939-4d50950d210f",
"value": "45.76.161.196"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3def-0a8c-4879-9d5e-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:43.000Z",
"modified": "2017-05-29T15:27:43.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df0-63c8-4b80-8c18-4133950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:44.000Z",
"modified": "2017-05-29T15:27:44.000Z",
"pattern": "[domain-name:value = 'online.upmirai.club']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df1-8c44-4460-b44f-4918950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:45.000Z",
"modified": "2017-05-29T15:27:45.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.root']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df2-5e74-42db-a10f-4541950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:46.000Z",
"modified": "2017-05-29T15:27:46.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.suppor/run']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df3-b31c-4422-a3fc-4df5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:47.000Z",
"modified": "2017-05-29T15:27:47.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.Admin']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df4-7a74-4bb1-9340-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:48.000Z",
"modified": "2017-05-29T15:27:48.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.Admini/run']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df5-c3ec-4093-8a9f-49d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:49.000Z",
"modified": "2017-05-29T15:27:49.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.defaul/run']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df6-f770-49ac-9612-4222950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:50.000Z",
"modified": "2017-05-29T15:27:50.000Z",
"pattern": "[url:value = 'http://43.249.206.211/bins/5.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3df7-2860-4e35-ac4d-4a43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:51.000Z",
"modified": "2017-05-29T15:27:51.000Z",
"first_observed": "2017-05-29T15:27:51Z",
"last_observed": "2017-05-29T15:27:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3df7-2860-4e35-ac4d-4a43950d210f",
"ipv4-addr--592c3df7-2860-4e35-ac4d-4a43950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3df7-2860-4e35-ac4d-4a43950d210f",
"dst_ref": "ipv4-addr--592c3df7-2860-4e35-ac4d-4a43950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3df7-2860-4e35-ac4d-4a43950d210f",
"value": "43.249.206.211"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3df8-3e50-4a4d-a435-44c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:52.000Z",
"modified": "2017-05-29T15:27:52.000Z",
"pattern": "[url:value = 'http://43.249.206.170/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3df9-c274-42dc-9384-4f0f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:53.000Z",
"modified": "2017-05-29T15:27:53.000Z",
"first_observed": "2017-05-29T15:27:53Z",
"last_observed": "2017-05-29T15:27:53Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3df9-c274-42dc-9384-4f0f950d210f",
"ipv4-addr--592c3df9-c274-42dc-9384-4f0f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3df9-c274-42dc-9384-4f0f950d210f",
"dst_ref": "ipv4-addr--592c3df9-c274-42dc-9384-4f0f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3df9-c274-42dc-9384-4f0f950d210f",
"value": "43.249.206.170"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dfa-8eec-4e9f-92f7-48ba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:54.000Z",
"modified": "2017-05-29T15:27:54.000Z",
"pattern": "[url:value = 'http://linuxmessage.com/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dfb-3088-4bba-bade-4c4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:55.000Z",
"modified": "2017-05-29T15:27:55.000Z",
"pattern": "[domain-name:value = 'linuxmessage.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3dfc-9298-4e03-82c4-4b71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:56.000Z",
"modified": "2017-05-29T15:27:56.000Z",
"first_observed": "2017-05-29T15:27:56Z",
"last_observed": "2017-05-29T15:27:56Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3dfc-9298-4e03-82c4-4b71950d210f",
"ipv4-addr--592c3dfc-9298-4e03-82c4-4b71950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3dfc-9298-4e03-82c4-4b71950d210f",
"dst_ref": "ipv4-addr--592c3dfc-9298-4e03-82c4-4b71950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3dfc-9298-4e03-82c4-4b71950d210f",
"value": "160.202.163.234"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dfd-d640-422e-9ac5-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:57.000Z",
"modified": "2017-05-29T15:27:57.000Z",
"pattern": "[url:value = 'tfyfa.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dfd-5edc-4b4e-bbd2-48b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:57.000Z",
"modified": "2017-05-29T15:27:57.000Z",
"pattern": "[domain-name:value = 'tfyfa.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3dfe-aed8-4743-9f78-4499950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:58.000Z",
"modified": "2017-05-29T15:27:58.000Z",
"pattern": "[url:value = 'http://107.173.209.45/fyfa.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:27:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3dff-0d14-4735-9009-422e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:27:59.000Z",
"modified": "2017-05-29T15:27:59.000Z",
"first_observed": "2017-05-29T15:27:59Z",
"last_observed": "2017-05-29T15:27:59Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3dff-0d14-4735-9009-422e950d210f",
"ipv4-addr--592c3dff-0d14-4735-9009-422e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3dff-0d14-4735-9009-422e950d210f",
"dst_ref": "ipv4-addr--592c3dff-0d14-4735-9009-422e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3dff-0d14-4735-9009-422e950d210f",
"value": "107.173.209.45"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e00-ea40-4afb-8c5a-48d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:00.000Z",
"modified": "2017-05-29T15:28:00.000Z",
"pattern": "[url:value = 'tfyfa2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e00-5990-4a55-9b8d-4fd4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:00.000Z",
"modified": "2017-05-29T15:28:00.000Z",
"pattern": "[domain-name:value = 'tfyfa2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e01-22b4-4669-af7e-48ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:01.000Z",
"modified": "2017-05-29T15:28:01.000Z",
"pattern": "[url:value = 'http://45.32.154.234/wget.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e02-1668-42bd-b79b-4e57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:02.000Z",
"modified": "2017-05-29T15:28:02.000Z",
"first_observed": "2017-05-29T15:28:02Z",
"last_observed": "2017-05-29T15:28:02Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e02-1668-42bd-b79b-4e57950d210f",
"ipv4-addr--592c3e02-1668-42bd-b79b-4e57950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e02-1668-42bd-b79b-4e57950d210f",
"dst_ref": "ipv4-addr--592c3e02-1668-42bd-b79b-4e57950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e02-1668-42bd-b79b-4e57950d210f",
"value": "45.32.154.234"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e03-fdc8-4850-9d3a-4c5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:03.000Z",
"modified": "2017-05-29T15:28:03.000Z",
"pattern": "[url:value = 'tftp1.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e04-89ac-43a6-86f6-4733950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:04.000Z",
"modified": "2017-05-29T15:28:04.000Z",
"pattern": "[domain-name:value = 'tftp1.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e04-e204-4f2c-8db8-42a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:04.000Z",
"modified": "2017-05-29T15:28:04.000Z",
"pattern": "[url:value = 'tftp2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e05-35e0-4de4-ba78-4743950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:05.000Z",
"modified": "2017-05-29T15:28:05.000Z",
"pattern": "[domain-name:value = 'tftp2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e06-25c0-4b99-9b7a-4aa6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:06.000Z",
"modified": "2017-05-29T15:28:06.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e07-6610-45b4-a3ea-4a34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:06.000Z",
"modified": "2017-05-29T15:28:06.000Z",
"first_observed": "2017-05-29T15:28:06Z",
"last_observed": "2017-05-29T15:28:06Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e07-6610-45b4-a3ea-4a34950d210f",
"ipv4-addr--592c3e07-6610-45b4-a3ea-4a34950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e07-6610-45b4-a3ea-4a34950d210f",
"dst_ref": "ipv4-addr--592c3e07-6610-45b4-a3ea-4a34950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e07-6610-45b4-a3ea-4a34950d210f",
"value": "45.32.234.222"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e07-dd5c-4356-962c-43e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:07.000Z",
"modified": "2017-05-29T15:28:07.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e08-1808-4fbd-8b18-457c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:08.000Z",
"modified": "2017-05-29T15:28:08.000Z",
"first_observed": "2017-05-29T15:28:08Z",
"last_observed": "2017-05-29T15:28:08Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e08-1808-4fbd-8b18-457c950d210f",
"ipv4-addr--592c3e08-1808-4fbd-8b18-457c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e08-1808-4fbd-8b18-457c950d210f",
"dst_ref": "ipv4-addr--592c3e08-1808-4fbd-8b18-457c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e08-1808-4fbd-8b18-457c950d210f",
"value": "45.63.42.158"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e09-0ab0-4ca0-b769-4eea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:09.000Z",
"modified": "2017-05-29T15:28:09.000Z",
"pattern": "[url:value = 'http://dns-services.gq/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e09-64a8-4e9c-a655-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:09.000Z",
"modified": "2017-05-29T15:28:09.000Z",
"pattern": "[domain-name:value = 'dns-services.gq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e0a-3584-48c9-b074-4418950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:10.000Z",
"modified": "2017-05-29T15:28:10.000Z",
"first_observed": "2017-05-29T15:28:10Z",
"last_observed": "2017-05-29T15:28:10Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e0a-3584-48c9-b074-4418950d210f",
"ipv4-addr--592c3e0a-3584-48c9-b074-4418950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e0a-3584-48c9-b074-4418950d210f",
"dst_ref": "ipv4-addr--592c3e0a-3584-48c9-b074-4418950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e0a-3584-48c9-b074-4418950d210f",
"value": "45.76.13.46"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e0b-d86c-4292-8a7a-4345950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:11.000Z",
"modified": "2017-05-29T15:28:11.000Z",
"pattern": "[url:value = 'http://122.10.81.81:1436/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:12.000Z",
"modified": "2017-05-29T15:28:12.000Z",
"first_observed": "2017-05-29T15:28:12Z",
"last_observed": "2017-05-29T15:28:12Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"ipv4-addr--592c3e0c-0f04-4a29-b57a-41cc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"dst_ref": "ipv4-addr--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e0c-0f04-4a29-b57a-41cc950d210f",
"value": "122.10.81.81"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e0e-fa48-4113-aac3-4410950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:14.000Z",
"modified": "2017-05-29T15:28:14.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e0e-a4f8-4789-9d54-46ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:14.000Z",
"modified": "2017-05-29T15:28:14.000Z",
"pattern": "[url:value = 'http://185.92.220.143/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:15.000Z",
"modified": "2017-05-29T15:28:15.000Z",
"first_observed": "2017-05-29T15:28:15Z",
"last_observed": "2017-05-29T15:28:15Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"ipv4-addr--592c3e0f-8290-48e7-9df0-4fa8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"dst_ref": "ipv4-addr--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e0f-8290-48e7-9df0-4fa8950d210f",
"value": "185.92.220.143"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e10-3ef8-4c25-b91d-4bf3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:16.000Z",
"modified": "2017-05-29T15:28:16.000Z",
"pattern": "[url:value = 'http://185.188.206.99/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e10-4cac-4204-9988-435b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:16.000Z",
"modified": "2017-05-29T15:28:16.000Z",
"first_observed": "2017-05-29T15:28:16Z",
"last_observed": "2017-05-29T15:28:16Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e10-4cac-4204-9988-435b950d210f",
"ipv4-addr--592c3e10-4cac-4204-9988-435b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e10-4cac-4204-9988-435b950d210f",
"dst_ref": "ipv4-addr--592c3e10-4cac-4204-9988-435b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e10-4cac-4204-9988-435b950d210f",
"value": "185.188.206.99"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e11-a61c-40d0-b7ca-4d80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:17.000Z",
"modified": "2017-05-29T15:28:17.000Z",
"pattern": "[url:value = 'http://192.227.180.173/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:18.000Z",
"modified": "2017-05-29T15:28:18.000Z",
"first_observed": "2017-05-29T15:28:18Z",
"last_observed": "2017-05-29T15:28:18Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"ipv4-addr--592c3e12-2f10-4f9b-b7ce-4766950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"dst_ref": "ipv4-addr--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e12-2f10-4f9b-b7ce-4766950d210f",
"value": "192.227.180.173"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e13-fa20-472b-88a0-44ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:19.000Z",
"modified": "2017-05-29T15:28:19.000Z",
"pattern": "[url:value = 'http://cnc.urgay.cf/bins/miraint']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e13-11bc-49d5-aa04-4b31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:19.000Z",
"modified": "2017-05-29T15:28:19.000Z",
"pattern": "[domain-name:value = 'cnc.urgay.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e14-b090-410a-a55b-47b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:20.000Z",
"modified": "2017-05-29T15:28:20.000Z",
"first_observed": "2017-05-29T15:28:20Z",
"last_observed": "2017-05-29T15:28:20Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e14-b090-410a-a55b-47b1950d210f",
"ipv4-addr--592c3e14-b090-410a-a55b-47b1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e14-b090-410a-a55b-47b1950d210f",
"dst_ref": "ipv4-addr--592c3e14-b090-410a-a55b-47b1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e14-b090-410a-a55b-47b1950d210f",
"value": "82.118.242.174"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e15-31ec-42d2-b3c5-4ef3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:21.000Z",
"modified": "2017-05-29T15:28:21.000Z",
"pattern": "[url:value = 'http://198.46.130.87/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:21.000Z",
"modified": "2017-05-29T15:28:21.000Z",
"first_observed": "2017-05-29T15:28:21Z",
"last_observed": "2017-05-29T15:28:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"ipv4-addr--592c3e15-ffa0-49bb-9e9d-4287950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"dst_ref": "ipv4-addr--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e15-ffa0-49bb-9e9d-4287950d210f",
"value": "198.46.130.87"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e16-8844-4079-a51b-4d86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:22.000Z",
"modified": "2017-05-29T15:28:22.000Z",
"pattern": "[url:value = 'http://185.5.251.41/fyfa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e17-2fdc-457f-b779-4e77950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:23.000Z",
"modified": "2017-05-29T15:28:23.000Z",
"first_observed": "2017-05-29T15:28:23Z",
"last_observed": "2017-05-29T15:28:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e17-2fdc-457f-b779-4e77950d210f",
"ipv4-addr--592c3e17-2fdc-457f-b779-4e77950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e17-2fdc-457f-b779-4e77950d210f",
"dst_ref": "ipv4-addr--592c3e17-2fdc-457f-b779-4e77950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e17-2fdc-457f-b779-4e77950d210f",
"value": "185.5.251.41"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e18-8a90-44fb-aaa7-48dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:24.000Z",
"modified": "2017-05-29T15:28:24.000Z",
"pattern": "[url:value = 'http://107.173.209.45/fyfa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e1a-8e50-4c4a-bc66-4927950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:26.000Z",
"modified": "2017-05-29T15:28:26.000Z",
"pattern": "[url:value = 'http://212.237.3.166/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e1a-d84c-4d87-9061-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:26.000Z",
"modified": "2017-05-29T15:28:26.000Z",
"first_observed": "2017-05-29T15:28:26Z",
"last_observed": "2017-05-29T15:28:26Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e1a-d84c-4d87-9061-c158950d210f",
"ipv4-addr--592c3e1a-d84c-4d87-9061-c158950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e1a-d84c-4d87-9061-c158950d210f",
"dst_ref": "ipv4-addr--592c3e1a-d84c-4d87-9061-c158950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e1a-d84c-4d87-9061-c158950d210f",
"value": "212.237.3.166"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e1b-4470-4a30-83bb-41e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:27.000Z",
"modified": "2017-05-29T15:28:27.000Z",
"pattern": "[url:value = 'http://107.173.209.45/bins/fyfa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e1d-b620-4af5-91a6-4330950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:29.000Z",
"modified": "2017-05-29T15:28:29.000Z",
"pattern": "[url:value = 'http://192.227.180.168/bins/bot']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e1e-3118-4cae-8919-4c76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:30.000Z",
"modified": "2017-05-29T15:28:30.000Z",
"first_observed": "2017-05-29T15:28:30Z",
"last_observed": "2017-05-29T15:28:30Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e1e-3118-4cae-8919-4c76950d210f",
"ipv4-addr--592c3e1e-3118-4cae-8919-4c76950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e1e-3118-4cae-8919-4c76950d210f",
"dst_ref": "ipv4-addr--592c3e1e-3118-4cae-8919-4c76950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e1e-3118-4cae-8919-4c76950d210f",
"value": "192.227.180.168"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e1f-8284-4182-83e6-4994950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:31.000Z",
"modified": "2017-05-29T15:28:31.000Z",
"pattern": "[url:value = 'http://yzykar2.hopto.org/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e20-f4c8-441e-94ba-48fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:32.000Z",
"modified": "2017-05-29T15:28:32.000Z",
"pattern": "[domain-name:value = 'yzykar2.hopto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e21-8200-4abd-95be-466f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:33.000Z",
"modified": "2017-05-29T15:28:33.000Z",
"first_observed": "2017-05-29T15:28:33Z",
"last_observed": "2017-05-29T15:28:33Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e21-8200-4abd-95be-466f950d210f",
"ipv4-addr--592c3e21-8200-4abd-95be-466f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e21-8200-4abd-95be-466f950d210f",
"dst_ref": "ipv4-addr--592c3e21-8200-4abd-95be-466f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e21-8200-4abd-95be-466f950d210f",
"value": "213.136.75.147"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e22-b520-47bc-9f36-4a34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:34.000Z",
"modified": "2017-05-29T15:28:34.000Z",
"pattern": "[url:value = 'securityupdates.us/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e22-5a6c-4e9c-bde9-40c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:34.000Z",
"modified": "2017-05-29T15:28:34.000Z",
"pattern": "[domain-name:value = 'securityupdates.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e23-de48-4d7b-bd00-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:35.000Z",
"modified": "2017-05-29T15:28:35.000Z",
"first_observed": "2017-05-29T15:28:35Z",
"last_observed": "2017-05-29T15:28:35Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e23-de48-4d7b-bd00-c158950d210f",
"ipv4-addr--592c3e23-de48-4d7b-bd00-c158950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e23-de48-4d7b-bd00-c158950d210f",
"dst_ref": "ipv4-addr--592c3e23-de48-4d7b-bd00-c158950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e23-de48-4d7b-bd00-c158950d210f",
"value": "84.16.241.195"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e24-3c48-43bc-b158-4c18950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:36.000Z",
"modified": "2017-05-29T15:28:36.000Z",
"pattern": "[url:value = 'http://jgop.org/a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e25-2864-42c2-ae94-4c07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:37.000Z",
"modified": "2017-05-29T15:28:37.000Z",
"pattern": "[domain-name:value = 'jgop.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e25-22cc-495f-85b6-40d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:37.000Z",
"modified": "2017-05-29T15:28:37.000Z",
"pattern": "[url:value = 'http://l.ocalhost.host/1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e26-3d40-41c7-bf44-46a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:38.000Z",
"modified": "2017-05-29T15:28:38.000Z",
"pattern": "[domain-name:value = 'l.ocalhost.host']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e27-a330-4f13-a5d1-4236950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:39.000Z",
"modified": "2017-05-29T15:28:39.000Z",
"pattern": "[url:value = 'http://srrys.pw/1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e28-e9f0-4a80-8b34-4149950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:40.000Z",
"modified": "2017-05-29T15:28:40.000Z",
"pattern": "[domain-name:value = 'srrys.pw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e28-fdc0-406f-9d58-42df950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:40.000Z",
"modified": "2017-05-29T15:28:40.000Z",
"first_observed": "2017-05-29T15:28:40Z",
"last_observed": "2017-05-29T15:28:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e28-fdc0-406f-9d58-42df950d210f",
"ipv4-addr--592c3e28-fdc0-406f-9d58-42df950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e28-fdc0-406f-9d58-42df950d210f",
"dst_ref": "ipv4-addr--592c3e28-fdc0-406f-9d58-42df950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e28-fdc0-406f-9d58-42df950d210f",
"value": "84.16.241.214"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e29-b61c-4e93-abe3-487f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:41.000Z",
"modified": "2017-05-29T15:28:41.000Z",
"pattern": "[url:value = 'http://tr069.pw/1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2a-1d24-4e11-a1aa-46b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:42.000Z",
"modified": "2017-05-29T15:28:42.000Z",
"pattern": "[domain-name:value = 'tr069.pw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2b-a9c8-4eb8-82e6-47ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:43.000Z",
"modified": "2017-05-29T15:28:43.000Z",
"pattern": "[url:value = 'bin2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2b-668c-4cd0-aa6d-43db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:43.000Z",
"modified": "2017-05-29T15:28:43.000Z",
"pattern": "[domain-name:value = 'bin2.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2c-29e4-4a40-bc51-4150950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:44.000Z",
"modified": "2017-05-29T15:28:44.000Z",
"pattern": "[url:value = 'http://95.215.62.11/bin.sh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e2d-7388-4f89-912e-497e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:44.000Z",
"modified": "2017-05-29T15:28:44.000Z",
"first_observed": "2017-05-29T15:28:44Z",
"last_observed": "2017-05-29T15:28:44Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e2d-7388-4f89-912e-497e950d210f",
"ipv4-addr--592c3e2d-7388-4f89-912e-497e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e2d-7388-4f89-912e-497e950d210f",
"dst_ref": "ipv4-addr--592c3e2d-7388-4f89-912e-497e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e2d-7388-4f89-912e-497e950d210f",
"value": "95.215.62.11"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2d-b94c-4d1a-83fb-461c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:45.000Z",
"modified": "2017-05-29T15:28:45.000Z",
"pattern": "[url:value = 'http://112.185.114.71:62824/.i']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e2e-2154-4b8a-b026-4057950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:46.000Z",
"modified": "2017-05-29T15:28:46.000Z",
"first_observed": "2017-05-29T15:28:46Z",
"last_observed": "2017-05-29T15:28:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e2e-2154-4b8a-b026-4057950d210f",
"ipv4-addr--592c3e2e-2154-4b8a-b026-4057950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e2e-2154-4b8a-b026-4057950d210f",
"dst_ref": "ipv4-addr--592c3e2e-2154-4b8a-b026-4057950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e2e-2154-4b8a-b026-4057950d210f",
"value": "112.185.114.71"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e2f-3c5c-4510-9cb9-4b0d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:47.000Z",
"modified": "2017-05-29T15:28:47.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e30-0454-41ca-a7e5-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:48.000Z",
"modified": "2017-05-29T15:28:48.000Z",
"pattern": "[domain-name:value = 'neuvostoliitto.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e31-50a0-4eac-9812-42e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:49.000Z",
"modified": "2017-05-29T15:28:49.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e32-8b98-4de3-b747-4569950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:50.000Z",
"modified": "2017-05-29T15:28:50.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.arm5n']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e33-fb54-40ba-9e61-4d0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:51.000Z",
"modified": "2017-05-29T15:28:51.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.arm7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e34-b678-4ad8-87b5-41c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:52.000Z",
"modified": "2017-05-29T15:28:52.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.i686']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e35-0cdc-4e1b-8458-4720950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:53.000Z",
"modified": "2017-05-29T15:28:53.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.m68k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e36-9d00-474a-9827-4a80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:54.000Z",
"modified": "2017-05-29T15:28:54.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e37-51e4-4519-88d6-4db0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:55.000Z",
"modified": "2017-05-29T15:28:55.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.mpsl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e38-2368-49b0-8c7f-4e25950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:56.000Z",
"modified": "2017-05-29T15:28:56.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.ppc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e39-ba0c-48c9-9e02-41af950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:57.000Z",
"modified": "2017-05-29T15:28:57.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.ppc440fp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e3a-e814-4f2d-bb1a-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:58.000Z",
"modified": "2017-05-29T15:28:58.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.sh4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e3b-12ac-4de1-b299-4713950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:28:59.000Z",
"modified": "2017-05-29T15:28:59.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e3c-b5f8-4fb5-87f6-4439950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:00.000Z",
"modified": "2017-05-29T15:29:00.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e3d-47cc-4cce-96d7-474b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:01.000Z",
"modified": "2017-05-29T15:29:01.000Z",
"pattern": "[url:value = 'http://neuvostoliitto.tk/bins/miraint.x86_64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e3e-8a08-4e9d-98a9-4bab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:02.000Z",
"modified": "2017-05-29T15:29:02.000Z",
"pattern": "[url:value = 'neuvostoliitto.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e41-eebc-496b-8358-4f00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:05.000Z",
"modified": "2017-05-29T15:29:05.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e42-8e00-404f-a6f3-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:06.000Z",
"modified": "2017-05-29T15:29:06.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.arm5n']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e43-084c-494f-929b-468c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:07.000Z",
"modified": "2017-05-29T15:29:07.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.arm7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e43-837c-44a9-942d-4327950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:07.000Z",
"modified": "2017-05-29T15:29:07.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.m68k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e45-bdb4-429c-9637-4ed6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:09.000Z",
"modified": "2017-05-29T15:29:09.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e46-b244-474c-b41e-462c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:10.000Z",
"modified": "2017-05-29T15:29:10.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.mpsl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e47-a0bc-4c3f-b49b-48e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:11.000Z",
"modified": "2017-05-29T15:29:11.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.ppc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e48-547c-451e-b6c6-4d74950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:12.000Z",
"modified": "2017-05-29T15:29:12.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.sh4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e49-4b70-4217-b581-4de3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:13.000Z",
"modified": "2017-05-29T15:29:13.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e4a-3524-4afa-aaa1-407e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:14.000Z",
"modified": "2017-05-29T15:29:14.000Z",
"pattern": "[url:value = 'http://online.upmirai.club/bady/miraint.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e4b-eb44-4525-96dd-45e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:15.000Z",
"modified": "2017-05-29T15:29:15.000Z",
"pattern": "[url:value = 'http://vap3.ddns.net/bins/mirai']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e4c-abec-4aff-b60e-48c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:16.000Z",
"modified": "2017-05-29T15:29:16.000Z",
"pattern": "[domain-name:value = 'vap3.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592c3e4c-97f4-4f99-8323-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:16.000Z",
"modified": "2017-05-29T15:29:16.000Z",
"first_observed": "2017-05-29T15:29:16Z",
"last_observed": "2017-05-29T15:29:16Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592c3e4c-97f4-4f99-8323-c158950d210f",
"ipv4-addr--592c3e4c-97f4-4f99-8323-c158950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592c3e4c-97f4-4f99-8323-c158950d210f",
"dst_ref": "ipv4-addr--592c3e4c-97f4-4f99-8323-c158950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592c3e4c-97f4-4f99-8323-c158950d210f",
"value": "185.165.29.31"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e4d-7148-4304-bda7-4ff7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:17.000Z",
"modified": "2017-05-29T15:29:17.000Z",
"pattern": "[url:value = 'http://vap3.ddns.net/bins/mirai.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e4e-f468-4d31-9e55-47ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:18.000Z",
"modified": "2017-05-29T15:29:18.000Z",
"pattern": "[url:value = 'vap3.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e56-ae7c-4cb8-b7d8-4d1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:26.000Z",
"modified": "2017-05-29T15:29:26.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.ppc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e56-e90c-4310-a77e-4d88950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:26.000Z",
"modified": "2017-05-29T15:29:26.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.m68k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e58-bd50-4f21-a3db-42f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:28.000Z",
"modified": "2017-05-29T15:29:28.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e59-5294-45c8-9bed-47da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:29.000Z",
"modified": "2017-05-29T15:29:29.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.arm7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5a-f6d0-4046-a4ca-427b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:30.000Z",
"modified": "2017-05-29T15:29:30.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.mpsl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5b-7874-441e-8199-4b14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:31.000Z",
"modified": "2017-05-29T15:29:31.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.arm5n']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5b-c8a8-4ba4-82d9-45ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:31.000Z",
"modified": "2017-05-29T15:29:31.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5c-e61c-4099-9769-4cc3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:32.000Z",
"modified": "2017-05-29T15:29:32.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5d-0328-40c2-b8dc-495e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:33.000Z",
"modified": "2017-05-29T15:29:33.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e5e-f744-4665-a304-c158950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:34.000Z",
"modified": "2017-05-29T15:29:34.000Z",
"pattern": "[url:value = 'http://45.32.154.234/bins/miraint.sh4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e61-09fc-494c-9c0a-4c0a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:37.000Z",
"modified": "2017-05-29T15:29:37.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.sh4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e62-de74-41cf-9be1-4c37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:38.000Z",
"modified": "2017-05-29T15:29:38.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e63-d5d4-470f-968b-4b59950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:39.000Z",
"modified": "2017-05-29T15:29:39.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e64-e62c-41ac-ac43-4d55950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:40.000Z",
"modified": "2017-05-29T15:29:40.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.mpsl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e65-ebb8-4775-8dba-4e8d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:41.000Z",
"modified": "2017-05-29T15:29:41.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.arm7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e66-da1c-47a8-ad3b-4b09950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:42.000Z",
"modified": "2017-05-29T15:29:42.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.ppc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e67-3934-4ed9-adc5-49aa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:43.000Z",
"modified": "2017-05-29T15:29:43.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e68-6ba0-4e5d-b522-4549950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:44.000Z",
"modified": "2017-05-29T15:29:44.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.m68k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e68-e750-4cc9-847b-4b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:44.000Z",
"modified": "2017-05-29T15:29:44.000Z",
"pattern": "[url:value = 'http://45.32.234.222/bins/mirai.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e69-22f8-42b5-b922-4cf1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:45.000Z",
"modified": "2017-05-29T15:29:45.000Z",
"pattern": "[url:value = 'iotmirai.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6a-f618-4148-89bc-4ba3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:46.000Z",
"modified": "2017-05-29T15:29:46.000Z",
"pattern": "[domain-name:value = 'iotmirai.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6b-9b6c-42b6-8633-436f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:47.000Z",
"modified": "2017-05-29T15:29:47.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6d-08d0-4d46-813e-42a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:48.000Z",
"modified": "2017-05-29T15:29:48.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6d-7550-43ce-90e5-44bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:49.000Z",
"modified": "2017-05-29T15:29:49.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6e-4700-4af5-918c-42e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:50.000Z",
"modified": "2017-05-29T15:29:50.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.m68k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e6f-aa24-4e52-912c-458d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:51.000Z",
"modified": "2017-05-29T15:29:51.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.sh4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e70-e6a0-4f2c-8475-4935950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:52.000Z",
"modified": "2017-05-29T15:29:52.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.x86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e71-53b0-413a-b2fa-4cb1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:53.000Z",
"modified": "2017-05-29T15:29:53.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.mpsl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e72-8edc-4380-bdab-492b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:54.000Z",
"modified": "2017-05-29T15:29:54.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.ppc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e72-4e88-4773-ac0b-4e68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:54.000Z",
"modified": "2017-05-29T15:29:54.000Z",
"pattern": "[url:value = 'http://45.63.42.158/bins/mirai.arm7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e73-a174-46eb-9db0-4ff8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:55.000Z",
"modified": "2017-05-29T15:29:55.000Z",
"pattern": "[url:value = 'wheresmirai.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e74-dc40-454a-8802-4f72950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:56.000Z",
"modified": "2017-05-29T15:29:56.000Z",
"pattern": "[domain-name:value = 'wheresmirai.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e75-c1a4-4592-b6d5-4967950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:57.000Z",
"modified": "2017-05-29T15:29:57.000Z",
"pattern": "[url:value = 'http://45.76.161.196/bady/mirai.arm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e76-dd20-43e1-9ec4-4c61950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:58.000Z",
"modified": "2017-05-29T15:29:58.000Z",
"pattern": "[url:value = 'http://45.76.161.196/bady/mirai.spc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e77-8d60-4f56-abf7-4721950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:29:59.000Z",
"modified": "2017-05-29T15:29:59.000Z",
"pattern": "[url:value = 'http://45.76.161.196/bady/mirai.mips']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:29:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592c3e78-4d1c-4937-ba3a-4764950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T15:30:00.000Z",
"modified": "2017-05-29T15:30:00.000Z",
"pattern": "[url:value = 'http://45.76.161.196/bady/mirai.arm5n']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T15:30:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink