misp-circl-feed/feeds/circl/stix-2.1/59dce1ec-b998-42ad-ba4f-48a4950d210f.json


{
"type": "bundle",
"id": "bundle--59dce1ec-b998-42ad-ba4f-48a4950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:46.000Z",
"modified": "2017-10-12T17:42:46.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59dce1ec-b998-42ad-ba4f-48a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:46.000Z",
"modified": "2017-10-12T17:42:46.000Z",
"name": "M2M - Locky Affid=3, \"asasin\" / Trickbot \"mac1\" 2017-10-10 : \"Status of invoice A2171234-56\" - \"A2171234-56.html\"",
"published": "2017-10-12T17:45:27Z",
"object_refs": [
"indicator--59dce1ed-5068-4bb6-ae81-88d9950d210f",
"indicator--59dce1ed-5884-4f7f-9514-40f7950d210f",
"indicator--59dce1ed-9cd4-4502-bdd0-2dd8950d210f",
"indicator--59dce1ee-3604-4fcc-8698-8864950d210f",
"observed-data--59dce1ee-55a0-4080-8e5d-4451950d210f",
"network-traffic--59dce1ee-55a0-4080-8e5d-4451950d210f",
"ipv4-addr--59dce1ee-55a0-4080-8e5d-4451950d210f",
"indicator--59dce1ee-0ca4-4f87-801f-4d49950d210f",
"indicator--59dce1ee-da50-4838-9947-86c4950d210f",
"observed-data--59dce1ef-9a6c-4720-b747-8751950d210f",
"network-traffic--59dce1ef-9a6c-4720-b747-8751950d210f",
"ipv4-addr--59dce1ef-9a6c-4720-b747-8751950d210f",
"indicator--59dce1ef-5f64-4c61-abf5-48c0950d210f",
"indicator--59dce1ef-5664-4fd4-9223-88d9950d210f",
"observed-data--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"network-traffic--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"ipv4-addr--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"indicator--59dce1f0-51a8-43ff-96d9-88a8950d210f",
"indicator--59dce1f0-3878-46ff-9f53-2dd8950d210f",
"observed-data--59dce1f1-bf80-4f79-9f29-8864950d210f",
"network-traffic--59dce1f1-bf80-4f79-9f29-8864950d210f",
"ipv4-addr--59dce1f1-bf80-4f79-9f29-8864950d210f",
"indicator--59dce1f1-5920-4d31-8770-4099950d210f",
"indicator--59dce1f1-b9a4-4399-a3df-465f950d210f",
"observed-data--59dce1f1-48fc-42cd-9241-86c4950d210f",
"network-traffic--59dce1f1-48fc-42cd-9241-86c4950d210f",
"ipv4-addr--59dce1f1-48fc-42cd-9241-86c4950d210f",
"indicator--59dce1f2-e3c4-4a33-9993-8928950d210f",
"observed-data--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"network-traffic--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"ipv4-addr--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"observed-data--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"network-traffic--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"ipv4-addr--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"observed-data--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"network-traffic--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"ipv4-addr--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"observed-data--59dce1f3-c030-49ca-8680-2dd8950d210f",
"network-traffic--59dce1f3-c030-49ca-8680-2dd8950d210f",
"ipv4-addr--59dce1f3-c030-49ca-8680-2dd8950d210f",
"observed-data--59dce1f3-b044-494d-b1f5-882b950d210f",
"network-traffic--59dce1f3-b044-494d-b1f5-882b950d210f",
"ipv4-addr--59dce1f3-b044-494d-b1f5-882b950d210f",
"observed-data--59dce1f3-b708-42b2-aa22-8864950d210f",
"network-traffic--59dce1f3-b708-42b2-aa22-8864950d210f",
"ipv4-addr--59dce1f3-b708-42b2-aa22-8864950d210f",
"observed-data--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"network-traffic--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"ipv4-addr--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"observed-data--59dce1f4-ddb0-4809-af2c-426a950d210f",
"network-traffic--59dce1f4-ddb0-4809-af2c-426a950d210f",
"ipv4-addr--59dce1f4-ddb0-4809-af2c-426a950d210f",
"observed-data--59dce1f4-b930-4908-832d-86c4950d210f",
"network-traffic--59dce1f4-b930-4908-832d-86c4950d210f",
"ipv4-addr--59dce1f4-b930-4908-832d-86c4950d210f",
"observed-data--59dce1f4-19ec-4e92-ab91-8928950d210f",
"network-traffic--59dce1f4-19ec-4e92-ab91-8928950d210f",
"ipv4-addr--59dce1f4-19ec-4e92-ab91-8928950d210f",
"observed-data--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"network-traffic--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"ipv4-addr--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"observed-data--59dce1f5-6bac-4868-8c1b-878f950d210f",
"network-traffic--59dce1f5-6bac-4868-8c1b-878f950d210f",
"ipv4-addr--59dce1f5-6bac-4868-8c1b-878f950d210f",
"observed-data--59dce1f5-7e64-4081-8e0b-8751950d210f",
"network-traffic--59dce1f5-7e64-4081-8e0b-8751950d210f",
"ipv4-addr--59dce1f5-7e64-4081-8e0b-8751950d210f",
"observed-data--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"network-traffic--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"ipv4-addr--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"observed-data--59dce1f6-a098-4022-83b5-88d9950d210f",
"network-traffic--59dce1f6-a098-4022-83b5-88d9950d210f",
"ipv4-addr--59dce1f6-a098-4022-83b5-88d9950d210f",
"observed-data--59dce1f6-3e54-4802-ad22-47f3950d210f",
"network-traffic--59dce1f6-3e54-4802-ad22-47f3950d210f",
"ipv4-addr--59dce1f6-3e54-4802-ad22-47f3950d210f",
"observed-data--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"network-traffic--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"ipv4-addr--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"observed-data--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"network-traffic--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"ipv4-addr--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"observed-data--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"network-traffic--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"ipv4-addr--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"observed-data--59dce1f7-15d4-473c-8767-88a8950d210f",
"network-traffic--59dce1f7-15d4-473c-8767-88a8950d210f",
"ipv4-addr--59dce1f7-15d4-473c-8767-88a8950d210f",
"observed-data--59dce1f7-5fbc-4033-8810-4e37950d210f",
"network-traffic--59dce1f7-5fbc-4033-8810-4e37950d210f",
"ipv4-addr--59dce1f7-5fbc-4033-8810-4e37950d210f",
"observed-data--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"network-traffic--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"ipv4-addr--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"observed-data--59dce1f8-8278-4898-8735-431c950d210f",
"network-traffic--59dce1f8-8278-4898-8735-431c950d210f",
"ipv4-addr--59dce1f8-8278-4898-8735-431c950d210f",
"observed-data--59dce1f8-612c-40b0-832f-8928950d210f",
"network-traffic--59dce1f8-612c-40b0-832f-8928950d210f",
"ipv4-addr--59dce1f8-612c-40b0-832f-8928950d210f",
"observed-data--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"network-traffic--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"ipv4-addr--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"observed-data--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"network-traffic--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"ipv4-addr--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"observed-data--59dce1f9-d490-465a-8e0f-88d9950d210f",
"network-traffic--59dce1f9-d490-465a-8e0f-88d9950d210f",
"ipv4-addr--59dce1f9-d490-465a-8e0f-88d9950d210f",
"observed-data--59dce1f9-5ef4-463a-9681-4185950d210f",
"network-traffic--59dce1f9-5ef4-463a-9681-4185950d210f",
"ipv4-addr--59dce1f9-5ef4-463a-9681-4185950d210f",
"observed-data--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"network-traffic--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"ipv4-addr--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"observed-data--59dce1f9-0958-44ea-9c34-88a8950d210f",
"network-traffic--59dce1f9-0958-44ea-9c34-88a8950d210f",
"ipv4-addr--59dce1f9-0958-44ea-9c34-88a8950d210f",
"observed-data--59dce1fa-4cec-484d-8f70-8864950d210f",
"network-traffic--59dce1fa-4cec-484d-8f70-8864950d210f",
"ipv4-addr--59dce1fa-4cec-484d-8f70-8864950d210f",
"observed-data--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"network-traffic--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"ipv4-addr--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"indicator--59dfa990-1d08-410c-9aa9-36f102de0b81",
"indicator--59dfa990-2bd4-419c-a817-36f102de0b81",
"observed-data--59dfa990-de4c-4dcd-852f-36f102de0b81",
"url--59dfa990-de4c-4dcd-852f-36f102de0b81",
"indicator--59dfa990-22d4-41bc-aeaf-36f102de0b81",
"indicator--59dfa990-dd38-4234-baa7-36f102de0b81",
"observed-data--59dfa990-db78-4b97-a870-36f102de0b81",
"url--59dfa990-db78-4b97-a870-36f102de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\"",
"misp-galaxy:tool=\"Trick Bot\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ed-5068-4bb6-ae81-88d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[file:hashes.MD5 = 'a85fa294fa2d4d48565cd78b4950695d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ed-5884-4f7f-9514-40f7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[file:hashes.MD5 = '554a8eabcb28deeb57d70a3c1d6c3a5d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ed-9cd4-4502-bdd0-2dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://haproprab.net/js/*']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ee-3604-4fcc-8698-8864950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[domain-name:value = 'haproprab.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1ee-55a0-4080-8e5d-4451950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1ee-55a0-4080-8e5d-4451950d210f",
"ipv4-addr--59dce1ee-55a0-4080-8e5d-4451950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1ee-55a0-4080-8e5d-4451950d210f",
"dst_ref": "ipv4-addr--59dce1ee-55a0-4080-8e5d-4451950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1ee-55a0-4080-8e5d-4451950d210f",
"value": "49.51.134.194"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ee-0ca4-4f87-801f-4d49950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://yamanashi-jyujin.jp/l0.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ee-da50-4838-9947-86c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[domain-name:value = 'yamanashi-jyujin.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1ef-9a6c-4720-b747-8751950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1ef-9a6c-4720-b747-8751950d210f",
"ipv4-addr--59dce1ef-9a6c-4720-b747-8751950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1ef-9a6c-4720-b747-8751950d210f",
"dst_ref": "ipv4-addr--59dce1ef-9a6c-4720-b747-8751950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1ef-9a6c-4720-b747-8751950d210f",
"value": "180.222.185.74"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ef-5f64-4c61-abf5-48c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://smi-wi.com/l0.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1ef-5664-4fd4-9223-88d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[domain-name:value = 'smi-wi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"ipv4-addr--59dce1f0-0134-47a1-bdeb-4f44950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"dst_ref": "ipv4-addr--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f0-0134-47a1-bdeb-4f44950d210f",
"value": "72.52.195.204"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1f0-51a8-43ff-96d9-88a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://qxr33qxr.com/b0.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1f0-3878-46ff-9f53-2dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[domain-name:value = 'qxr33qxr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f1-bf80-4f79-9f29-8864950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f1-bf80-4f79-9f29-8864950d210f",
"ipv4-addr--59dce1f1-bf80-4f79-9f29-8864950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f1-bf80-4f79-9f29-8864950d210f",
"dst_ref": "ipv4-addr--59dce1f1-bf80-4f79-9f29-8864950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f1-bf80-4f79-9f29-8864950d210f",
"value": "67.210.102.240"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1f1-5920-4d31-8770-4099950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://mtblanc-let.co.uk/b0.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1f1-b9a4-4399-a3df-465f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[domain-name:value = 'mtblanc-let.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f1-48fc-42cd-9241-86c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f1-48fc-42cd-9241-86c4950d210f",
"ipv4-addr--59dce1f1-48fc-42cd-9241-86c4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f1-48fc-42cd-9241-86c4950d210f",
"dst_ref": "ipv4-addr--59dce1f1-48fc-42cd-9241-86c4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f1-48fc-42cd-9241-86c4950d210f",
"value": "217.199.175.27"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dce1f2-e3c4-4a33-9993-8928950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"pattern": "[url:value = 'http://haproprab.net/eroorrrs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"ipv4-addr--59dce1f2-2c5c-4b69-bed3-4555950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"dst_ref": "ipv4-addr--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f2-2c5c-4b69-bed3-4555950d210f",
"value": "91.83.88.51"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"ipv4-addr--59dce1f2-5430-4e13-abe2-4cf7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"dst_ref": "ipv4-addr--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f2-5430-4e13-abe2-4cf7950d210f",
"value": "46.237.117.193"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"ipv4-addr--59dce1f2-5704-4cf0-b1b7-48a7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"dst_ref": "ipv4-addr--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f2-5704-4cf0-b1b7-48a7950d210f",
"value": "79.170.7.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f3-c030-49ca-8680-2dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f3-c030-49ca-8680-2dd8950d210f",
"ipv4-addr--59dce1f3-c030-49ca-8680-2dd8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f3-c030-49ca-8680-2dd8950d210f",
"dst_ref": "ipv4-addr--59dce1f3-c030-49ca-8680-2dd8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f3-c030-49ca-8680-2dd8950d210f",
"value": "41.57.103.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f3-b044-494d-b1f5-882b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f3-b044-494d-b1f5-882b950d210f",
"ipv4-addr--59dce1f3-b044-494d-b1f5-882b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f3-b044-494d-b1f5-882b950d210f",
"dst_ref": "ipv4-addr--59dce1f3-b044-494d-b1f5-882b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f3-b044-494d-b1f5-882b950d210f",
"value": "196.202.194.202"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f3-b708-42b2-aa22-8864950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f3-b708-42b2-aa22-8864950d210f",
"ipv4-addr--59dce1f3-b708-42b2-aa22-8864950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f3-b708-42b2-aa22-8864950d210f",
"dst_ref": "ipv4-addr--59dce1f3-b708-42b2-aa22-8864950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f3-b708-42b2-aa22-8864950d210f",
"value": "46.20.56.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"ipv4-addr--59dce1f3-4aa4-48d8-b1f5-4e89950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"dst_ref": "ipv4-addr--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f3-4aa4-48d8-b1f5-4e89950d210f",
"value": "176.120.126.21"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f4-ddb0-4809-af2c-426a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f4-ddb0-4809-af2c-426a950d210f",
"ipv4-addr--59dce1f4-ddb0-4809-af2c-426a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f4-ddb0-4809-af2c-426a950d210f",
"dst_ref": "ipv4-addr--59dce1f4-ddb0-4809-af2c-426a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f4-ddb0-4809-af2c-426a950d210f",
"value": "91.239.249.118"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f4-b930-4908-832d-86c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f4-b930-4908-832d-86c4950d210f",
"ipv4-addr--59dce1f4-b930-4908-832d-86c4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f4-b930-4908-832d-86c4950d210f",
"dst_ref": "ipv4-addr--59dce1f4-b930-4908-832d-86c4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f4-b930-4908-832d-86c4950d210f",
"value": "194.87.103.184"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f4-19ec-4e92-ab91-8928950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f4-19ec-4e92-ab91-8928950d210f",
"ipv4-addr--59dce1f4-19ec-4e92-ab91-8928950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f4-19ec-4e92-ab91-8928950d210f",
"dst_ref": "ipv4-addr--59dce1f4-19ec-4e92-ab91-8928950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f4-19ec-4e92-ab91-8928950d210f",
"value": "92.63.102.64"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"ipv4-addr--59dce1f4-8ec4-40ec-8803-2fc8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"dst_ref": "ipv4-addr--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f4-8ec4-40ec-8803-2fc8950d210f",
"value": "194.87.238.53"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f5-6bac-4868-8c1b-878f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f5-6bac-4868-8c1b-878f950d210f",
"ipv4-addr--59dce1f5-6bac-4868-8c1b-878f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f5-6bac-4868-8c1b-878f950d210f",
"dst_ref": "ipv4-addr--59dce1f5-6bac-4868-8c1b-878f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f5-6bac-4868-8c1b-878f950d210f",
"value": "92.63.102.159"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f5-7e64-4081-8e0b-8751950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f5-7e64-4081-8e0b-8751950d210f",
"ipv4-addr--59dce1f5-7e64-4081-8e0b-8751950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f5-7e64-4081-8e0b-8751950d210f",
"dst_ref": "ipv4-addr--59dce1f5-7e64-4081-8e0b-8751950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f5-7e64-4081-8e0b-8751950d210f",
"value": "194.87.232.219"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"ipv4-addr--59dce1f5-bc8c-441f-a2d8-4150950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"dst_ref": "ipv4-addr--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f5-bc8c-441f-a2d8-4150950d210f",
"value": "149.154.69.70"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f6-a098-4022-83b5-88d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f6-a098-4022-83b5-88d9950d210f",
"ipv4-addr--59dce1f6-a098-4022-83b5-88d9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f6-a098-4022-83b5-88d9950d210f",
"dst_ref": "ipv4-addr--59dce1f6-a098-4022-83b5-88d9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f6-a098-4022-83b5-88d9950d210f",
"value": "78.24.223.153"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f6-3e54-4802-ad22-47f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f6-3e54-4802-ad22-47f3950d210f",
"ipv4-addr--59dce1f6-3e54-4802-ad22-47f3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f6-3e54-4802-ad22-47f3950d210f",
"dst_ref": "ipv4-addr--59dce1f6-3e54-4802-ad22-47f3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f6-3e54-4802-ad22-47f3950d210f",
"value": "194.87.92.207"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"ipv4-addr--59dce1f6-bcb0-4147-bd09-47d9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"dst_ref": "ipv4-addr--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f6-bcb0-4147-bd09-47d9950d210f",
"value": "194.87.94.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"ipv4-addr--59dce1f7-79c4-4b32-92c8-2dd8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"dst_ref": "ipv4-addr--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f7-79c4-4b32-92c8-2dd8950d210f",
"value": "195.133.147.238"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"ipv4-addr--59dce1f7-0c7c-4db1-a96b-882b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"dst_ref": "ipv4-addr--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f7-0c7c-4db1-a96b-882b950d210f",
"value": "62.109.15.132"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f7-15d4-473c-8767-88a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f7-15d4-473c-8767-88a8950d210f",
"ipv4-addr--59dce1f7-15d4-473c-8767-88a8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f7-15d4-473c-8767-88a8950d210f",
"dst_ref": "ipv4-addr--59dce1f7-15d4-473c-8767-88a8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f7-15d4-473c-8767-88a8950d210f",
"value": "194.87.236.240"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f7-5fbc-4033-8810-4e37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f7-5fbc-4033-8810-4e37950d210f",
"ipv4-addr--59dce1f7-5fbc-4033-8810-4e37950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f7-5fbc-4033-8810-4e37950d210f",
"dst_ref": "ipv4-addr--59dce1f7-5fbc-4033-8810-4e37950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f7-5fbc-4033-8810-4e37950d210f",
"value": "62.109.6.237"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"ipv4-addr--59dce1f8-069c-4aa2-8cc6-468d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"dst_ref": "ipv4-addr--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f8-069c-4aa2-8cc6-468d950d210f",
"value": "149.154.69.47"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f8-8278-4898-8735-431c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f8-8278-4898-8735-431c950d210f",
"ipv4-addr--59dce1f8-8278-4898-8735-431c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f8-8278-4898-8735-431c950d210f",
"dst_ref": "ipv4-addr--59dce1f8-8278-4898-8735-431c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f8-8278-4898-8735-431c950d210f",
"value": "82.146.47.121"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f8-612c-40b0-832f-8928950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f8-612c-40b0-832f-8928950d210f",
"ipv4-addr--59dce1f8-612c-40b0-832f-8928950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f8-612c-40b0-832f-8928950d210f",
"dst_ref": "ipv4-addr--59dce1f8-612c-40b0-832f-8928950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f8-612c-40b0-832f-8928950d210f",
"value": "78.24.216.250"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"ipv4-addr--59dce1f8-9778-4d26-9d0e-2fc8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"dst_ref": "ipv4-addr--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f8-9778-4d26-9d0e-2fc8950d210f",
"value": "82.146.56.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:39.000Z",
"modified": "2017-10-12T17:42:39.000Z",
"first_observed": "2017-10-12T17:42:39Z",
"last_observed": "2017-10-12T17:42:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"ipv4-addr--59dce1f8-d3a8-4521-ad5f-8751950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"dst_ref": "ipv4-addr--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f8-d3a8-4521-ad5f-8751950d210f",
"value": "185.159.131.198"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f9-d490-465a-8e0f-88d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f9-d490-465a-8e0f-88d9950d210f",
"ipv4-addr--59dce1f9-d490-465a-8e0f-88d9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f9-d490-465a-8e0f-88d9950d210f",
"dst_ref": "ipv4-addr--59dce1f9-d490-465a-8e0f-88d9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f9-d490-465a-8e0f-88d9950d210f",
"value": "194.87.146.32"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f9-5ef4-463a-9681-4185950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f9-5ef4-463a-9681-4185950d210f",
"ipv4-addr--59dce1f9-5ef4-463a-9681-4185950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f9-5ef4-463a-9681-4185950d210f",
"dst_ref": "ipv4-addr--59dce1f9-5ef4-463a-9681-4185950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f9-5ef4-463a-9681-4185950d210f",
"value": "5.133.179.77"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"ipv4-addr--59dce1f9-012c-4a8e-a8a4-2dd8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"dst_ref": "ipv4-addr--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f9-012c-4a8e-a8a4-2dd8950d210f",
"value": "94.242.224.214"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1f9-0958-44ea-9c34-88a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1f9-0958-44ea-9c34-88a8950d210f",
"ipv4-addr--59dce1f9-0958-44ea-9c34-88a8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1f9-0958-44ea-9c34-88a8950d210f",
"dst_ref": "ipv4-addr--59dce1f9-0958-44ea-9c34-88a8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1f9-0958-44ea-9c34-88a8950d210f",
"value": "194.87.92.242"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1fa-4cec-484d-8f70-8864950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1fa-4cec-484d-8f70-8864950d210f",
"ipv4-addr--59dce1fa-4cec-484d-8f70-8864950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1fa-4cec-484d-8f70-8864950d210f",
"dst_ref": "ipv4-addr--59dce1fa-4cec-484d-8f70-8864950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1fa-4cec-484d-8f70-8864950d210f",
"value": "195.133.146.236"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"ipv4-addr--59dce1fa-4d8c-488c-9ad6-4b09950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"dst_ref": "ipv4-addr--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59dce1fa-4d8c-488c-9ad6-4b09950d210f",
"value": "193.124.117.238"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa990-1d08-410c-9aa9-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"description": "- Cross-checked via VirusTotal: 554a8eabcb28deeb57d70a3c1d6c3a5d",
"pattern": "[file:hashes.SHA256 = 'aace7044f2f3cd7bb109a2e5d494ac86d952e0eaa13ce8d6abd7e4744f2ede10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa990-2bd4-419c-a817-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"description": "- Cross-checked via VirusTotal: 554a8eabcb28deeb57d70a3c1d6c3a5d",
"pattern": "[file:hashes.SHA1 = '47dde438bfb84ef917b8beadf5fde3f0f503c013']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dfa990-de4c-4dcd-852f-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"url--59dfa990-de4c-4dcd-852f-36f102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59dfa990-de4c-4dcd-852f-36f102de0b81",
"value": "https://www.virustotal.com/file/aace7044f2f3cd7bb109a2e5d494ac86d952e0eaa13ce8d6abd7e4744f2ede10/analysis/1507712630/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa990-22d4-41bc-aeaf-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"description": "- Cross-checked via VirusTotal: a85fa294fa2d4d48565cd78b4950695d",
"pattern": "[file:hashes.SHA256 = '10bed3e54c61088d5dc0d1be55da154efbcb32130ebf228e446fc97f5787e7a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa990-dd38-4234-baa7-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"description": "- Cross-checked via VirusTotal: a85fa294fa2d4d48565cd78b4950695d",
"pattern": "[file:hashes.SHA1 = '0db85dd510c03b3642bd7d1f214bade1a2574106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dfa990-db78-4b97-a870-36f102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:40.000Z",
"modified": "2017-10-12T17:42:40.000Z",
"first_observed": "2017-10-12T17:42:40Z",
"last_observed": "2017-10-12T17:42:40Z",
"number_observed": 1,
"object_refs": [
"url--59dfa990-db78-4b97-a870-36f102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59dfa990-db78-4b97-a870-36f102de0b81",
"value": "https://www.virustotal.com/file/10bed3e54c61088d5dc0d1be55da154efbcb32130ebf228e446fc97f5787e7a0/analysis/1507712666/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}