misp-circl-feed/feeds/circl/stix-2.1/59b7cd9e-57e4-42c6-b1ce-440d950d210f.json

5204 lines
No EOL
207 KiB
JSON

{
"type": "bundle",
"id": "bundle--59b7cd9e-57e4-42c6-b1ce-440d950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T14:15:22.000Z",
"modified": "2017-09-12T14:15:22.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59b7cd9e-57e4-42c6-b1ce-440d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T14:15:22.000Z",
"modified": "2017-09-12T14:15:22.000Z",
"name": "M2M - Locky 2017-09-11/11 : Affid=3, \".lukitus\" : \"Bankwest - You have a new eStatement\" - /statement.html links",
"published": "2017-09-12T14:15:31Z",
"object_refs": [
"indicator--59b7cd9f-981c-4c2c-8b53-46fb950d210f",
"indicator--59b7cd9f-56d4-428f-b365-4303950d210f",
"indicator--59b7cda0-1474-48af-ae04-02b8950d210f",
"indicator--59b7cda0-8008-44f0-8882-02fa950d210f",
"observed-data--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"network-traffic--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"ipv4-addr--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"indicator--59b7cda0-62b8-4017-857d-4ff8950d210f",
"indicator--59b7cda1-f198-4ba3-81e6-02fc950d210f",
"observed-data--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"network-traffic--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"ipv4-addr--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"indicator--59b7cda1-19d8-42bc-a278-469d950d210f",
"indicator--59b7cda1-95c4-41f2-90c3-49bd950d210f",
"observed-data--59b7cda2-d150-464f-9460-02b8950d210f",
"network-traffic--59b7cda2-d150-464f-9460-02b8950d210f",
"ipv4-addr--59b7cda2-d150-464f-9460-02b8950d210f",
"indicator--59b7cda2-595c-482d-9250-02fa950d210f",
"indicator--59b7cda2-8c30-4fc1-81db-4ea4950d210f",
"observed-data--59b7cda2-f090-4d88-a586-02fc950d210f",
"network-traffic--59b7cda2-f090-4d88-a586-02fc950d210f",
"ipv4-addr--59b7cda2-f090-4d88-a586-02fc950d210f",
"indicator--59b7cda3-83e0-413e-99b6-432c950d210f",
"indicator--59b7cda3-8f64-4c01-9fcf-48f8950d210f",
"observed-data--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"network-traffic--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"ipv4-addr--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"indicator--59b7cda3-ac68-4ef5-b5b8-40bb950d210f",
"indicator--59b7cda3-af98-4fce-98a9-4edf950d210f",
"observed-data--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"network-traffic--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"ipv4-addr--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"indicator--59b7cda4-31ac-4cfa-9241-02fa950d210f",
"indicator--59b7cda4-8620-407e-9298-473e950d210f",
"observed-data--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"network-traffic--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"ipv4-addr--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"indicator--59b7cda4-68e8-4642-9a56-468a950d210f",
"indicator--59b7cda5-a968-4378-8a21-02fc950d210f",
"observed-data--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"network-traffic--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"ipv4-addr--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"indicator--59b7cda5-ead0-4524-9537-4314950d210f",
"indicator--59b7cda5-be2c-457f-a257-4318950d210f",
"observed-data--59b7cda6-2984-4acd-810d-4061950d210f",
"network-traffic--59b7cda6-2984-4acd-810d-4061950d210f",
"ipv4-addr--59b7cda6-2984-4acd-810d-4061950d210f",
"indicator--59b7cda6-01ac-454c-83e0-4128950d210f",
"indicator--59b7cda6-9f18-45c5-9e43-02b8950d210f",
"observed-data--59b7cda8-493c-4a66-a40b-49bd950d210f",
"network-traffic--59b7cda8-493c-4a66-a40b-49bd950d210f",
"ipv4-addr--59b7cda8-493c-4a66-a40b-49bd950d210f",
"indicator--59b7cda8-3424-4dbb-99e4-4830950d210f",
"indicator--59b7cda8-896c-4b97-b43e-02fc950d210f",
"observed-data--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"network-traffic--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"ipv4-addr--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"indicator--59b7cda8-d684-4889-b398-4b14950d210f",
"indicator--59b7cda8-f124-4c1e-89ff-4345950d210f",
"observed-data--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"network-traffic--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"ipv4-addr--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"indicator--59b7cda9-a1a0-4d49-a5ea-4ffe950d210f",
"indicator--59b7cda9-1d68-4a52-a8b7-4592950d210f",
"observed-data--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"network-traffic--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"ipv4-addr--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"indicator--59b7cdaa-47c4-405a-b804-02b8950d210f",
"indicator--59b7cdaa-fec8-43b9-aeb2-4783950d210f",
"observed-data--59b7cdaa-13c0-46cf-a002-412e950d210f",
"network-traffic--59b7cdaa-13c0-46cf-a002-412e950d210f",
"ipv4-addr--59b7cdaa-13c0-46cf-a002-412e950d210f",
"indicator--59b7cdaa-1f04-4bf7-9ddc-42c2950d210f",
"indicator--59b7cdaa-1ee0-4c8a-a900-4c1d950d210f",
"observed-data--59b7cdab-5804-4f89-845b-4697950d210f",
"network-traffic--59b7cdab-5804-4f89-845b-4697950d210f",
"ipv4-addr--59b7cdab-5804-4f89-845b-4697950d210f",
"indicator--59b7cdab-4ab4-42e7-8030-4511950d210f",
"indicator--59b7cdab-e008-42d9-835d-489b950d210f",
"observed-data--59b7cdac-90fc-4582-afc9-4bac950d210f",
"network-traffic--59b7cdac-90fc-4582-afc9-4bac950d210f",
"ipv4-addr--59b7cdac-90fc-4582-afc9-4bac950d210f",
"indicator--59b7cdac-25e8-4fb6-9377-460c950d210f",
"indicator--59b7cdac-de70-4073-b19e-441b950d210f",
"observed-data--59b7cdac-382c-455f-8b9e-49b7950d210f",
"network-traffic--59b7cdac-382c-455f-8b9e-49b7950d210f",
"ipv4-addr--59b7cdac-382c-455f-8b9e-49b7950d210f",
"indicator--59b7cdad-28ac-4ffb-92a5-4eff950d210f",
"indicator--59b7cdad-8968-4c43-8902-45cf950d210f",
"observed-data--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"network-traffic--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"ipv4-addr--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"indicator--59b7cdad-6dd4-4803-a972-42de950d210f",
"indicator--59b7cdad-63a0-4bcd-800c-43c6950d210f",
"indicator--59b7cdae-f464-43d0-9dd2-4a5a950d210f",
"indicator--59b7cdae-5730-46a6-a1ea-4bc6950d210f",
"indicator--59b7cdb5-e28c-4770-bf33-02b8950d210f",
"indicator--59b7cdb5-936c-4d3a-a702-4acc950d210f",
"observed-data--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"network-traffic--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"ipv4-addr--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"indicator--59b7cdb5-dc48-429f-a4e1-46db950d210f",
"indicator--59b7cdb5-31c4-43ea-8cea-42ef950d210f",
"observed-data--59b7cdb6-0a30-410c-8d58-4740950d210f",
"network-traffic--59b7cdb6-0a30-410c-8d58-4740950d210f",
"ipv4-addr--59b7cdb6-0a30-410c-8d58-4740950d210f",
"indicator--59b7cdb6-1338-4b45-932e-49d0950d210f",
"indicator--59b7cdb6-21a4-4911-9130-4b59950d210f",
"observed-data--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"network-traffic--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"ipv4-addr--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"indicator--59b7cdb7-0ff8-4303-b6ea-4913950d210f",
"indicator--59b7cdb7-c188-4caa-8bf7-459f950d210f",
"observed-data--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"network-traffic--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"ipv4-addr--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"indicator--59b7cdb8-cbb4-4459-8bc0-47ad950d210f",
"indicator--59b7cdb8-29f0-43f1-85be-43bd950d210f",
"observed-data--59b7cdb8-2870-467a-86ce-41a7950d210f",
"network-traffic--59b7cdb8-2870-467a-86ce-41a7950d210f",
"ipv4-addr--59b7cdb8-2870-467a-86ce-41a7950d210f",
"indicator--59b7cdb8-5368-45f8-b85e-4058950d210f",
"indicator--59b7cdb9-3724-4010-a5de-41af950d210f",
"observed-data--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"network-traffic--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"ipv4-addr--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"indicator--59b7cdbb-a3b4-41d9-ad06-4eb2950d210f",
"indicator--59b7cdbb-a990-4038-bc74-46a1950d210f",
"observed-data--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"network-traffic--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"ipv4-addr--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"indicator--59b7cdbc-56ec-42ab-9e28-445f950d210f",
"indicator--59b7cdbc-ae8c-4f9d-bb57-48b5950d210f",
"observed-data--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"network-traffic--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"ipv4-addr--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"indicator--59b7cdbc-14f4-44ed-8cdf-466d950d210f",
"indicator--59b7cdbd-6354-4e39-b860-4387950d210f",
"observed-data--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"network-traffic--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"ipv4-addr--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"indicator--59b7cdbd-d058-4521-8d85-4138950d210f",
"indicator--59b7cdbd-5180-414c-9f01-43f0950d210f",
"observed-data--59b7cdbe-6594-4d20-869c-4765950d210f",
"network-traffic--59b7cdbe-6594-4d20-869c-4765950d210f",
"ipv4-addr--59b7cdbe-6594-4d20-869c-4765950d210f",
"indicator--59b7cdbe-f288-44bd-b7f3-4c33950d210f",
"indicator--59b7cdbe-797c-4984-9e7c-02b8950d210f",
"observed-data--59b7cdbe-80dc-487d-8372-45ca950d210f",
"network-traffic--59b7cdbe-80dc-487d-8372-45ca950d210f",
"ipv4-addr--59b7cdbe-80dc-487d-8372-45ca950d210f",
"indicator--59b7cdbe-d740-447b-a1b2-4589950d210f",
"indicator--59b7cdbe-d2a0-416f-aff1-4ca2950d210f",
"observed-data--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"network-traffic--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"ipv4-addr--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"indicator--59b7cdbf-6598-40da-a160-430d950d210f",
"indicator--59b7cdbf-b038-4577-8d44-4f77950d210f",
"observed-data--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"network-traffic--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"ipv4-addr--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"indicator--59b7cdc0-4f24-4203-b59b-41bc950d210f",
"indicator--59b7cdc0-7ed4-4db0-abba-4798950d210f",
"indicator--59b7cdc0-f6a4-404b-84bc-4325950d210f",
"indicator--59b7cdc1-cfcc-45ac-856a-40a1950d210f",
"observed-data--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"network-traffic--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"ipv4-addr--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"indicator--59b7cdc1-baf8-497d-b726-481f950d210f",
"indicator--59b7cdc1-671c-40c8-adae-42b1950d210f",
"observed-data--59b7cdc2-28bc-4155-901a-4e79950d210f",
"network-traffic--59b7cdc2-28bc-4155-901a-4e79950d210f",
"ipv4-addr--59b7cdc2-28bc-4155-901a-4e79950d210f",
"indicator--59b7cdc2-ffbc-414b-b8ee-422d950d210f",
"indicator--59b7cdc2-3520-4dc3-87d3-4156950d210f",
"observed-data--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"network-traffic--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"ipv4-addr--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"indicator--59b7cdc2-1fb4-4151-b933-4ef7950d210f",
"indicator--59b7cdc3-3f54-4b94-bc28-4812950d210f",
"observed-data--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"network-traffic--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"ipv4-addr--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"indicator--59b7cdc3-0ec0-4b34-ac1f-02fc950d210f",
"indicator--59b7cdc3-ef4c-49d8-81c3-4ed7950d210f",
"observed-data--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"network-traffic--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"ipv4-addr--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"indicator--59b7cdc4-7d10-40bc-bb4e-4e81950d210f",
"indicator--59b7cdc4-a390-4ee0-a951-46a6950d210f",
"indicator--59b7cdc4-9ff0-4ef8-b5bc-4d16950d210f",
"indicator--59b7cdc4-3758-4b3b-9597-4b29950d210f",
"observed-data--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"network-traffic--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"ipv4-addr--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"indicator--59b7cdc5-d3ac-4cf8-9de6-46b8950d210f",
"indicator--59b7cdc5-d03c-4bb8-a1e2-4a56950d210f",
"observed-data--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"network-traffic--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"ipv4-addr--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"indicator--59b7cdc5-f778-45f3-8fb2-49c5950d210f",
"indicator--59b7cdc5-b634-4ab2-87c6-02fc950d210f",
"observed-data--59b7cdc6-5ac4-4134-995f-4892950d210f",
"network-traffic--59b7cdc6-5ac4-4134-995f-4892950d210f",
"ipv4-addr--59b7cdc6-5ac4-4134-995f-4892950d210f",
"indicator--59b7cdc6-a1f0-4362-a494-481b950d210f",
"indicator--59b7cdc6-9db0-4daa-80d1-4d82950d210f",
"observed-data--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"network-traffic--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"ipv4-addr--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"indicator--59b7cdc6-9a3c-470b-92c2-4b95950d210f",
"indicator--59b7cdc7-6654-4796-9669-4093950d210f",
"observed-data--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"network-traffic--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"ipv4-addr--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"indicator--59b7cdc7-bc4c-4b49-a1a3-4f85950d210f",
"indicator--59b7cdc7-2f20-426e-9284-4ef2950d210f",
"indicator--59b7cdc8-d21c-4fda-ad4d-481f950d210f",
"indicator--59b7cdc8-3564-4773-9305-02fc950d210f",
"observed-data--59b7cdc8-4b6c-421a-823a-412a950d210f",
"network-traffic--59b7cdc8-4b6c-421a-823a-412a950d210f",
"ipv4-addr--59b7cdc8-4b6c-421a-823a-412a950d210f",
"indicator--59b7cdc8-8014-4d09-9daa-452a950d210f",
"indicator--59b7cdc9-f64c-4538-b966-4fda950d210f",
"observed-data--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"network-traffic--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"ipv4-addr--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"indicator--59b7cdc9-74d0-4c3d-be40-40ca950d210f",
"indicator--59b7cdc9-fb98-45ea-b9af-41a5950d210f",
"observed-data--59b7cdca-068c-40c5-8efb-41fe950d210f",
"network-traffic--59b7cdca-068c-40c5-8efb-41fe950d210f",
"ipv4-addr--59b7cdca-068c-40c5-8efb-41fe950d210f",
"indicator--59b7cdca-bd48-4e99-9ce4-424d950d210f",
"indicator--59b7cdcb-8390-4f84-952a-4c92950d210f",
"observed-data--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"network-traffic--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"ipv4-addr--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"indicator--59b7cdcb-dd1c-45f5-b945-438d950d210f",
"indicator--59b7cdcb-5288-4b24-9a1b-407c950d210f",
"observed-data--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"network-traffic--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"ipv4-addr--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"indicator--59b7cdcf-70c8-44e6-ab24-4ab4950d210f",
"indicator--59b7cdcf-cc20-4490-b08b-4d4c950d210f",
"indicator--59b7cdcf-3558-4a72-b8d6-48a7950d210f",
"indicator--59b7cdcf-42c0-4397-abc4-4c1a950d210f",
"indicator--59b7cdd0-b51c-4cf3-a8a4-47f5950d210f",
"indicator--59b7cdd0-93e8-4f02-b0ac-40b8950d210f",
"observed-data--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"network-traffic--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"ipv4-addr--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"observed-data--59b7cdd1-0d30-4b2b-93fd-473c950d210f",
"url--59b7cdd1-0d30-4b2b-93fd-473c950d210f",
"observed-data--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"network-traffic--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"ipv4-addr--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"observed-data--59b7cdd1-4710-4396-a9f8-4640950d210f",
"url--59b7cdd1-4710-4396-a9f8-4640950d210f",
"observed-data--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"network-traffic--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"ipv4-addr--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"indicator--59b7cdd2-0c70-4e13-b411-4827950d210f",
"indicator--59b7cdd2-c7c0-4759-99ab-02b8950d210f",
"indicator--59b7cdd2-5740-4a39-b4a3-4510950d210f",
"indicator--59b7cdd2-b684-4131-b644-4f27950d210f",
"indicator--59b7cdd2-3674-4aca-b0ee-496c950d210f",
"indicator--59b7cdd3-3f70-467f-a10a-46f8950d210f",
"indicator--59b7cdd3-fc6c-438b-b2a3-4e4b950d210f",
"indicator--59b7cdd3-4734-4a8d-b36c-02b8950d210f",
"indicator--59b7cdd3-e358-403a-b14f-4d4e950d210f",
"indicator--59b7cdd3-0184-462f-94f9-4038950d210f",
"indicator--59b7cdd4-a1d0-4d08-982c-4f37950d210f",
"indicator--59b7cdd4-2508-45bf-9db1-4bfe950d210f",
"indicator--59b7cdd4-e0e8-4cea-9bfc-4f33950d210f",
"indicator--59b7cdd4-3bd0-40e9-9c85-4b76950d210f",
"indicator--59b7cdd4-9a94-4326-9774-4efa950d210f",
"indicator--59b7cdd5-88f4-4857-841e-4ae6950d210f",
"indicator--59b7cdd5-6288-407d-97fa-4c65950d210f",
"indicator--59b7cdd5-f264-42de-8b18-42d6950d210f",
"indicator--59b7cdd5-ed54-4f4d-87ad-02fc950d210f",
"indicator--59b7cdd5-1b78-41c7-a1df-44c4950d210f",
"indicator--59b7cdd5-26ac-4de8-94e5-4cdc950d210f",
"indicator--59b7cdd6-3674-4fbb-badf-4336950d210f",
"indicator--59b7cdd6-6758-4ca5-9837-47fb950d210f",
"indicator--59b7cdd6-adcc-4b9e-96d9-4633950d210f",
"indicator--59b7e43f-5b98-4145-aa0c-453502de0b81",
"indicator--59b7e43f-f7f8-42ac-bc85-4ec302de0b81",
"observed-data--59b7e43f-fb38-4b54-a271-4e5702de0b81",
"url--59b7e43f-fb38-4b54-a271-4e5702de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cd9f-981c-4c2c-8b53-46fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[file:hashes.MD5 = '2518037ef7d7524a631c4bf9086428f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cd9f-56d4-428f-b365-4303950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[file:hashes.MD5 = '230606dd8b0d62e2a8a04ef61b2d8707']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda0-1474-48af-ae04-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://420ent.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda0-8008-44f0-8882-02fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = '420ent.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"ipv4-addr--59b7cda0-bc48-42cb-bc1d-4079950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"dst_ref": "ipv4-addr--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda0-bc48-42cb-bc1d-4079950d210f",
"value": "98.124.251.72"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda0-62b8-4017-857d-4ff8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://afilhadaemmocambique.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda1-f198-4ba3-81e6-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'afilhadaemmocambique.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"ipv4-addr--59b7cda1-9414-48a4-8dd1-4ad4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"dst_ref": "ipv4-addr--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda1-9414-48a4-8dd1-4ad4950d210f",
"value": "80.172.241.21"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda1-19d8-42bc-a278-469d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://beepop.info/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda1-95c4-41f2-90c3-49bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'beepop.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda2-d150-464f-9460-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda2-d150-464f-9460-02b8950d210f",
"ipv4-addr--59b7cda2-d150-464f-9460-02b8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda2-d150-464f-9460-02b8950d210f",
"dst_ref": "ipv4-addr--59b7cda2-d150-464f-9460-02b8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda2-d150-464f-9460-02b8950d210f",
"value": "217.160.239.66"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda2-595c-482d-9250-02fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://bellevuecommunityband.org/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda2-8c30-4fc1-81db-4ea4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'bellevuecommunityband.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda2-f090-4d88-a586-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda2-f090-4d88-a586-02fc950d210f",
"ipv4-addr--59b7cda2-f090-4d88-a586-02fc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda2-f090-4d88-a586-02fc950d210f",
"dst_ref": "ipv4-addr--59b7cda2-f090-4d88-a586-02fc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda2-f090-4d88-a586-02fc950d210f",
"value": "64.6.227.247"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda3-83e0-413e-99b6-432c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://bingleybuilder.co.uk/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda3-8f64-4c01-9fcf-48f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'bingleybuilder.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"ipv4-addr--59b7cda3-6f8c-43c4-a6d6-41ae950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"dst_ref": "ipv4-addr--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda3-6f8c-43c4-a6d6-41ae950d210f",
"value": "77.68.14.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda3-ac68-4ef5-b5b8-40bb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://cedricanimation.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda3-af98-4fce-98a9-4edf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'cedricanimation.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"ipv4-addr--59b7cda4-5e40-42b8-af4d-4b76950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"dst_ref": "ipv4-addr--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda4-5e40-42b8-af4d-4b76950d210f",
"value": "92.48.103.161"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda4-31ac-4cfa-9241-02fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://chimachinenow.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda4-8620-407e-9298-473e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'chimachinenow.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"ipv4-addr--59b7cda4-a7fc-4aa4-ba12-4d13950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"dst_ref": "ipv4-addr--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda4-a7fc-4aa4-ba12-4d13950d210f",
"value": "199.30.241.139"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda4-68e8-4642-9a56-468a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://comtechadsl.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda5-a968-4378-8a21-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'comtechadsl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"ipv4-addr--59b7cda5-3a70-4eee-87ef-4bc3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"dst_ref": "ipv4-addr--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda5-3a70-4eee-87ef-4bc3950d210f",
"value": "77.92.1.3"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda5-ead0-4524-9537-4314950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://conectivaconsultores.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda5-be2c-457f-a257-4318950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'conectivaconsultores.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda6-2984-4acd-810d-4061950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda6-2984-4acd-810d-4061950d210f",
"ipv4-addr--59b7cda6-2984-4acd-810d-4061950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda6-2984-4acd-810d-4061950d210f",
"dst_ref": "ipv4-addr--59b7cda6-2984-4acd-810d-4061950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda6-2984-4acd-810d-4061950d210f",
"value": "84.232.4.8"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda6-01ac-454c-83e0-4128950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://crystalballcruise.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda6-9f18-45c5-9e43-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'crystalballcruise.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda8-493c-4a66-a40b-49bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda8-493c-4a66-a40b-49bd950d210f",
"ipv4-addr--59b7cda8-493c-4a66-a40b-49bd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda8-493c-4a66-a40b-49bd950d210f",
"dst_ref": "ipv4-addr--59b7cda8-493c-4a66-a40b-49bd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda8-493c-4a66-a40b-49bd950d210f",
"value": "173.193.126.154"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda8-3424-4dbb-99e4-4830950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://cutwell.ca/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda8-896c-4b97-b43e-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'cutwell.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"ipv4-addr--59b7cda8-81f4-4734-a4a0-4d14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"dst_ref": "ipv4-addr--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda8-81f4-4734-a4a0-4d14950d210f",
"value": "98.124.251.68"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda8-d684-4889-b398-4b14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://dbatee.gr/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda8-f124-4c1e-89ff-4345950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'dbatee.gr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"ipv4-addr--59b7cda9-f2d4-45ee-90d9-4a70950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"dst_ref": "ipv4-addr--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda9-f2d4-45ee-90d9-4a70950d210f",
"value": "62.103.152.100"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda9-a1a0-4d49-a5ea-4ffe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://duaneandirisblue.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cda9-1d68-4a52-a8b7-4592950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'duaneandirisblue.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"ipv4-addr--59b7cda9-9ee0-4456-9aba-45e1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"dst_ref": "ipv4-addr--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cda9-9ee0-4456-9aba-45e1950d210f",
"value": "68.171.35.126"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdaa-47c4-405a-b804-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://e-chards.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdaa-fec8-43b9-aeb2-4783950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'e-chards.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdaa-13c0-46cf-a002-412e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdaa-13c0-46cf-a002-412e950d210f",
"ipv4-addr--59b7cdaa-13c0-46cf-a002-412e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdaa-13c0-46cf-a002-412e950d210f",
"dst_ref": "ipv4-addr--59b7cdaa-13c0-46cf-a002-412e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdaa-13c0-46cf-a002-412e950d210f",
"value": "64.6.253.223"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdaa-1f04-4bf7-9ddc-42c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://envi-herzog.de/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdaa-1ee0-4c8a-a900-4c1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'envi-herzog.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdab-5804-4f89-845b-4697950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdab-5804-4f89-845b-4697950d210f",
"ipv4-addr--59b7cdab-5804-4f89-845b-4697950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdab-5804-4f89-845b-4697950d210f",
"dst_ref": "ipv4-addr--59b7cdab-5804-4f89-845b-4697950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdab-5804-4f89-845b-4697950d210f",
"value": "194.116.187.130"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdab-4ab4-42e7-8030-4511950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://ericweb.co.za/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdab-e008-42d9-835d-489b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'ericweb.co.za']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdac-90fc-4582-afc9-4bac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdac-90fc-4582-afc9-4bac950d210f",
"ipv4-addr--59b7cdac-90fc-4582-afc9-4bac950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdac-90fc-4582-afc9-4bac950d210f",
"dst_ref": "ipv4-addr--59b7cdac-90fc-4582-afc9-4bac950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdac-90fc-4582-afc9-4bac950d210f",
"value": "196.25.211.127"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdac-25e8-4fb6-9377-460c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://eternallyclassicjewelry.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdac-de70-4073-b19e-441b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'eternallyclassicjewelry.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdac-382c-455f-8b9e-49b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdac-382c-455f-8b9e-49b7950d210f",
"ipv4-addr--59b7cdac-382c-455f-8b9e-49b7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdac-382c-455f-8b9e-49b7950d210f",
"dst_ref": "ipv4-addr--59b7cdac-382c-455f-8b9e-49b7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdac-382c-455f-8b9e-49b7950d210f",
"value": "98.124.251.166"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdad-28ac-4ffb-92a5-4eff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://excel-conduite.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdad-8968-4c43-8902-45cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'excel-conduite.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"ipv4-addr--59b7cdad-ef1c-45d4-b95e-4052950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"dst_ref": "ipv4-addr--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdad-ef1c-45d4-b95e-4052950d210f",
"value": "193.227.248.241"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdad-6dd4-4803-a972-42de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://expresspermis.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdad-63a0-4bcd-800c-43c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'expresspermis.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdae-f464-43d0-9dd2-4a5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://fexx.co.uk/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdae-5730-46a6-a1ea-4bc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'fexx.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb5-e28c-4770-bf33-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://fiore-web.it/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb5-936c-4d3a-a702-4acc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'fiore-web.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"ipv4-addr--59b7cdb5-4fc8-4726-84c3-4b54950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"dst_ref": "ipv4-addr--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdb5-4fc8-4726-84c3-4b54950d210f",
"value": "89.96.90.14"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb5-dc48-429f-a4e1-46db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://hostprodirect.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb5-31c4-43ea-8cea-42ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'hostprodirect.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdb6-0a30-410c-8d58-4740950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdb6-0a30-410c-8d58-4740950d210f",
"ipv4-addr--59b7cdb6-0a30-410c-8d58-4740950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdb6-0a30-410c-8d58-4740950d210f",
"dst_ref": "ipv4-addr--59b7cdb6-0a30-410c-8d58-4740950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdb6-0a30-410c-8d58-4740950d210f",
"value": "209.213.100.202"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb6-1338-4b45-932e-49d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://irmak.web.tr/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb6-21a4-4911-9130-4b59950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'irmak.web.tr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"ipv4-addr--59b7cdb7-9288-4d32-9ed5-4cbb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"dst_ref": "ipv4-addr--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdb7-9288-4d32-9ed5-4cbb950d210f",
"value": "82.151.132.24"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb7-0ff8-4303-b6ea-4913950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://jenyeong.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb7-c188-4caa-8bf7-459f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'jenyeong.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"ipv4-addr--59b7cdb7-1ccc-4919-babc-40cd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"dst_ref": "ipv4-addr--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdb7-1ccc-4919-babc-40cd950d210f",
"value": "203.74.203.14"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb8-cbb4-4459-8bc0-47ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://lakeroadlavender.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb8-29f0-43f1-85be-43bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'lakeroadlavender.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdb8-2870-467a-86ce-41a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdb8-2870-467a-86ce-41a7950d210f",
"ipv4-addr--59b7cdb8-2870-467a-86ce-41a7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdb8-2870-467a-86ce-41a7950d210f",
"dst_ref": "ipv4-addr--59b7cdb8-2870-467a-86ce-41a7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdb8-2870-467a-86ce-41a7950d210f",
"value": "66.199.174.108"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb8-5368-45f8-b85e-4058950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://linksoft.co.nz/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdb9-3724-4010-a5de-41af950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'linksoft.co.nz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"ipv4-addr--59b7cdbb-44f8-4ee4-930f-4181950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"dst_ref": "ipv4-addr--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbb-44f8-4ee4-930f-4181950d210f",
"value": "49.50.240.107"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbb-a3b4-41d9-ad06-4eb2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://matern-eger.de/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbb-a990-4038-bc74-46a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'matern-eger.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"ipv4-addr--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"dst_ref": "ipv4-addr--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbb-dbb8-46b1-a5b1-42a6950d210f",
"value": "87.106.222.105"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbc-56ec-42ab-9e28-445f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://mysushi.it/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbc-ae8c-4f9d-bb57-48b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'mysushi.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"ipv4-addr--59b7cdbc-1ad4-454d-97df-4be2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"dst_ref": "ipv4-addr--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbc-1ad4-454d-97df-4be2950d210f",
"value": "93.174.71.137"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbc-14f4-44ed-8cdf-466d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://pciholog.ru/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbd-6354-4e39-b860-4387950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'pciholog.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"ipv4-addr--59b7cdbd-d370-4bd1-af60-02fc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"dst_ref": "ipv4-addr--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbd-d370-4bd1-af60-02fc950d210f",
"value": "89.253.235.118"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbd-d058-4521-8d85-4138950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://phmetreci.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbd-5180-414c-9f01-43f0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'phmetreci.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbe-6594-4d20-869c-4765950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbe-6594-4d20-869c-4765950d210f",
"ipv4-addr--59b7cdbe-6594-4d20-869c-4765950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbe-6594-4d20-869c-4765950d210f",
"dst_ref": "ipv4-addr--59b7cdbe-6594-4d20-869c-4765950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbe-6594-4d20-869c-4765950d210f",
"value": "185.150.128.21"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbe-f288-44bd-b7f3-4c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://placecomp.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbe-797c-4984-9e7c-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'placecomp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbe-80dc-487d-8372-45ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbe-80dc-487d-8372-45ca950d210f",
"ipv4-addr--59b7cdbe-80dc-487d-8372-45ca950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbe-80dc-487d-8372-45ca950d210f",
"dst_ref": "ipv4-addr--59b7cdbe-80dc-487d-8372-45ca950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbe-80dc-487d-8372-45ca950d210f",
"value": "74.208.88.65"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbe-d740-447b-a1b2-4589950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://primitivoconstruction.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbe-d2a0-416f-aff1-4ca2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'primitivoconstruction.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"ipv4-addr--59b7cdbf-9888-4cbb-be4e-406c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"dst_ref": "ipv4-addr--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbf-9888-4cbb-be4e-406c950d210f",
"value": "216.222.197.180"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbf-6598-40da-a160-430d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://quadratus.nl/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdbf-b038-4577-8d44-4f77950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'quadratus.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"ipv4-addr--59b7cdbf-5b9c-44e2-845b-02fc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"dst_ref": "ipv4-addr--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdbf-5b9c-44e2-845b-02fc950d210f",
"value": "94.126.70.17"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc0-4f24-4203-b59b-41bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://rb.si/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc0-7ed4-4db0-abba-4798950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'rb.si']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc0-f6a4-404b-84bc-4325950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://redboxcontracting.co.uk/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc1-cfcc-45ac-856a-40a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'redboxcontracting.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"ipv4-addr--59b7cdc1-51dc-4114-9d31-02b8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"dst_ref": "ipv4-addr--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc1-51dc-4114-9d31-02b8950d210f",
"value": "77.240.1.138"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc1-baf8-497d-b726-481f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://reels.apa-agency.com/~apalibrary/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc1-671c-40c8-adae-42b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'reels.apa-agency.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc2-28bc-4155-901a-4e79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc2-28bc-4155-901a-4e79950d210f",
"ipv4-addr--59b7cdc2-28bc-4155-901a-4e79950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc2-28bc-4155-901a-4e79950d210f",
"dst_ref": "ipv4-addr--59b7cdc2-28bc-4155-901a-4e79950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc2-28bc-4155-901a-4e79950d210f",
"value": "97.74.6.140"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc2-ffbc-414b-b8ee-422d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://sabines-marmeladen.de/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc2-3520-4dc3-87d3-4156950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'sabines-marmeladen.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"ipv4-addr--59b7cdc2-e6c4-400c-aa04-4e9b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"dst_ref": "ipv4-addr--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc2-e6c4-400c-aa04-4e9b950d210f",
"value": "178.77.75.180"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc2-1fb4-4151-b933-4ef7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://schoensigns.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc3-3f54-4b94-bc28-4812950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'schoensigns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"ipv4-addr--59b7cdc3-e2a0-4249-aab0-4d9f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"dst_ref": "ipv4-addr--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc3-e2a0-4249-aab0-4d9f950d210f",
"value": "184.168.126.30"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc3-0ec0-4b34-ac1f-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://scouting-bvb.nl/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc3-ef4c-49d8-81c3-4ed7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'scouting-bvb.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"ipv4-addr--59b7cdc4-2f94-479a-9f10-44ce950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"dst_ref": "ipv4-addr--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc4-2f94-479a-9f10-44ce950d210f",
"value": "46.235.44.76"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc4-7d10-40bc-bb4e-4e81950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://securmailbox.it/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc4-a390-4ee0-a951-46a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'securmailbox.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc4-9ff0-4ef8-b5bc-4d16950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://shanta.de/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc4-3758-4b3b-9597-4b29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'shanta.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"ipv4-addr--59b7cdc5-fb10-40f3-b6e1-4baf950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"dst_ref": "ipv4-addr--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc5-fb10-40f3-b6e1-4baf950d210f",
"value": "83.169.1.28"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc5-d3ac-4cf8-9de6-46b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://share.be/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc5-d03c-4bb8-a1e2-4a56950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'share.be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"ipv4-addr--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"dst_ref": "ipv4-addr--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc5-4a0c-4da7-a37b-4ef9950d210f",
"value": "91.183.189.151"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc5-f778-45f3-8fb2-49c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://shopsshops.de/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc5-b634-4ab2-87c6-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'shopsshops.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc6-5ac4-4134-995f-4892950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc6-5ac4-4134-995f-4892950d210f",
"ipv4-addr--59b7cdc6-5ac4-4134-995f-4892950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc6-5ac4-4134-995f-4892950d210f",
"dst_ref": "ipv4-addr--59b7cdc6-5ac4-4134-995f-4892950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc6-5ac4-4134-995f-4892950d210f",
"value": "62.75.132.67"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc6-a1f0-4362-a494-481b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://studiofashion.it/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc6-9db0-4daa-80d1-4d82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'studiofashion.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"ipv4-addr--59b7cdc6-3bb8-4910-ac1d-02b8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"dst_ref": "ipv4-addr--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc6-3bb8-4910-ac1d-02b8950d210f",
"value": "185.58.7.11"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc6-9a3c-470b-92c2-4b95950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://studioslefteris.gr/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc7-6654-4796-9669-4093950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'studioslefteris.gr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"ipv4-addr--59b7cdc7-2db8-43ca-b58f-405a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"dst_ref": "ipv4-addr--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc7-2db8-43ca-b58f-405a950d210f",
"value": "158.69.151.250"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc7-bc4c-4b49-a1a3-4f85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://tecnigrafite.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc7-2f20-426e-9284-4ef2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'tecnigrafite.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc8-d21c-4fda-ad4d-481f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://ukraine-consulting.com/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc8-3564-4773-9305-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'ukraine-consulting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc8-4b6c-421a-823a-412a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc8-4b6c-421a-823a-412a950d210f",
"ipv4-addr--59b7cdc8-4b6c-421a-823a-412a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc8-4b6c-421a-823a-412a950d210f",
"dst_ref": "ipv4-addr--59b7cdc8-4b6c-421a-823a-412a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc8-4b6c-421a-823a-412a950d210f",
"value": "216.55.139.238"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc8-8014-4d09-9daa-452a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://veigadecompostela.es/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc9-f64c-4538-b966-4fda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'veigadecompostela.es']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"ipv4-addr--59b7cdc9-d6c4-4854-91fe-4857950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"dst_ref": "ipv4-addr--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdc9-d6c4-4854-91fe-4857950d210f",
"value": "185.18.197.109"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc9-74d0-4c3d-be40-40ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://villa-effe.jp/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdc9-fb98-45ea-b9af-41a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'villa-effe.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdca-068c-40c5-8efb-41fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdca-068c-40c5-8efb-41fe950d210f",
"ipv4-addr--59b7cdca-068c-40c5-8efb-41fe950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdca-068c-40c5-8efb-41fe950d210f",
"dst_ref": "ipv4-addr--59b7cdca-068c-40c5-8efb-41fe950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdca-068c-40c5-8efb-41fe950d210f",
"value": "121.119.174.24"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdca-bd48-4e99-9ce4-424d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://yeserimmatbaa.com.tr/statement.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcb-8390-4f84-952a-4c92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'yeserimmatbaa.com.tr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"ipv4-addr--59b7cdcb-e470-4d29-a3d8-02fc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"dst_ref": "ipv4-addr--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdcb-e470-4d29-a3d8-02fc950d210f",
"value": "85.95.237.7"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcb-dd1c-45f5-b945-438d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://wittinhohemmo.net/statement.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcb-5288-4b24-9a1b-407c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'wittinhohemmo.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"ipv4-addr--59b7cdcf-2978-4f33-ad86-4afe950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"dst_ref": "ipv4-addr--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdcf-2978-4f33-ad86-4afe950d210f",
"value": "47.88.55.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcf-70c8-44e6-ab24-4ab4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://mh-service.ru/canbtcc.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcf-cc20-4490-b08b-4d4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'mh-service.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcf-3558-4a72-b8d6-48a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://alexkreeger.com/golgers.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdcf-42c0-4397-abc4-4c1a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'alexkreeger.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd0-b51c-4cf3-a8a4-47f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://mobius-group.com/ueunyli.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd0-93e8-4f02-b0ac-40b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'mobius-group.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"ipv4-addr--59b7cdd0-f608-4a4f-8d9b-48e7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"dst_ref": "ipv4-addr--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdd0-f608-4a4f-8d9b-48e7950d210f",
"value": "176.56.62.143"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdd1-0d30-4b2b-93fd-473c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"url--59b7cdd1-0d30-4b2b-93fd-473c950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59b7cdd1-0d30-4b2b-93fd-473c950d210f",
"value": "http://185.67.2.156/imageload.cgi"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"ipv4-addr--59b7cdd1-8e08-44b4-9901-47b7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"dst_ref": "ipv4-addr--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdd1-8e08-44b4-9901-47b7950d210f",
"value": "185.67.2.156"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdd1-4710-4396-a9f8-4640950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"url--59b7cdd1-4710-4396-a9f8-4640950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59b7cdd1-4710-4396-a9f8-4640950d210f",
"value": "http://217.106.238.89/imageload.cgi"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"first_observed": "2017-09-12T13:42:21Z",
"last_observed": "2017-09-12T13:42:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"ipv4-addr--59b7cdd1-c658-4f5b-829d-4f4a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"dst_ref": "ipv4-addr--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59b7cdd1-c658-4f5b-829d-4f4a950d210f",
"value": "217.106.238.89"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd2-0c70-4e13-b411-4827950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://euqfwticrd.su/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd2-c7c0-4759-99ab-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'euqfwticrd.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd2-5740-4a39-b4a3-4510950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://qljsukddh.ru/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd2-b684-4131-b644-4f27950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'qljsukddh.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd2-3674-4aca-b0ee-496c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://vbquoegxdqmhbs.work/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd3-3f70-467f-a10a-46f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'vbquoegxdqmhbs.work']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd3-fc6c-438b-b2a3-4e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://xpjsvwvxsbnv.biz/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd3-4734-4a8d-b36c-02b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'xpjsvwvxsbnv.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd3-e358-403a-b14f-4d4e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://uoivdwisd.pl/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd3-0184-462f-94f9-4038950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'uoivdwisd.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd4-a1d0-4d08-982c-4f37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://dkbclsxl.su/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd4-2508-45bf-9db1-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'dkbclsxl.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd4-e0e8-4cea-9bfc-4f33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://xsmoouv.su/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd4-3bd0-40e9-9c85-4b76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'xsmoouv.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd4-9a94-4326-9774-4efa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://lkqmqgbpdle.su/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-88f4-4857-841e-4ae6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'lkqmqgbpdle.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-6288-407d-97fa-4c65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://opwpsjnhkshl.xyz/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-f264-42de-8b18-42d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'opwpsjnhkshl.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-ed54-4f4d-87ad-02fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://bhetakwouno.info/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-1b78-41c7-a1df-44c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'bhetakwouno.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd5-26ac-4de8-94e5-4cdc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://wnobheuejtidtiip.info/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd6-3674-4fbb-badf-4336950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'wnobheuejtidtiip.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd6-6758-4ca5-9837-47fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[url:value = 'http://ixgolywnbwvwmtu.org/imageload.cgi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7cdd6-adcc-4b9e-96d9-4633950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:21.000Z",
"modified": "2017-09-12T13:42:21.000Z",
"pattern": "[domain-name:value = 'ixgolywnbwvwmtu.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7e43f-5b98-4145-aa0c-453502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:23.000Z",
"modified": "2017-09-12T13:42:23.000Z",
"description": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707",
"pattern": "[file:hashes.SHA256 = '5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b7e43f-f7f8-42ac-bc85-4ec302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:23.000Z",
"modified": "2017-09-12T13:42:23.000Z",
"description": "- Xchecked via VT: 230606dd8b0d62e2a8a04ef61b2d8707",
"pattern": "[file:hashes.SHA1 = '5c50cdad090de913d0c87edeb392c8df1af9f5c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-09-12T13:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59b7e43f-fb38-4b54-a271-4e5702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-09-12T13:42:23.000Z",
"modified": "2017-09-12T13:42:23.000Z",
"first_observed": "2017-09-12T13:42:23Z",
"last_observed": "2017-09-12T13:42:23Z",
"number_observed": 1,
"object_refs": [
"url--59b7e43f-fb38-4b54-a271-4e5702de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59b7e43f-fb38-4b54-a271-4e5702de0b81",
"value": "https://www.virustotal.com/file/5bf84469051c85bd684e03eb46f774cb1e913884c95acf7b210a8a4469da8d9f/analysis/1505217371/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}