misp-circl-feed/feeds/circl/stix-2.1/5d24b8a7-5294-4ff6-8613-211f950d210f.json

700 lines
No EOL
28 KiB
JSON

{
"type": "bundle",
"id": "bundle--5d24b8a7-5294-4ff6-8613-211f950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--5d24b8a7-5294-4ff6-8613-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"name": "OSINT - Anubis Android Malware Returns with Over 17,000 Samples",
"context": "suspicious-activity",
"object_refs": [
"indicator--5d24b8c5-a738-4894-a073-4337950d210f",
"indicator--5d24b8c5-895c-4958-abc6-4be3950d210f",
"indicator--5d24b8c5-a00c-4da3-a5b8-4663950d210f",
"indicator--5d24b8c5-615c-4c8f-acaa-48fb950d210f",
"indicator--5d24b8c5-7594-41c7-8aa9-4788950d210f",
"indicator--5d24b8c5-0e58-4e71-bc50-4907950d210f",
"indicator--5d24b8c5-e284-46ec-ae6f-43ec950d210f",
"indicator--5d24b8c5-1368-4fcc-b3e0-4eae950d210f",
"indicator--5d24b8c5-1a5c-47d2-a06b-4ec2950d210f",
"indicator--5d24b8c6-4a9c-4605-98aa-40f1950d210f",
"indicator--5d24b8c6-9994-49c6-821a-4d73950d210f",
"indicator--5d24b8c6-b68c-4143-b2d1-4a44950d210f",
"indicator--5d24b8c6-93d8-4dcb-a696-452a950d210f",
"indicator--5d24b8c6-5030-4c2a-9c8f-4005950d210f",
"indicator--5d24b8c6-6490-4d90-a40a-4232950d210f",
"indicator--5d24b8c6-b10c-403a-ba62-4c28950d210f",
"indicator--5d24b8c6-ec7c-4189-b16d-4e54950d210f",
"indicator--5d24b8c6-6d74-4fe7-8a0b-4e9c950d210f",
"observed-data--5d24bd0f-2818-4734-a6e8-44b0950d210f",
"url--5d24bd0f-2818-4734-a6e8-44b0950d210f",
"indicator--5d24bd2c-2760-434d-9689-211f950d210f",
"indicator--5d24bd2d-a8c8-4daf-8945-211f950d210f",
"indicator--5d24bd2d-379c-499c-9bfa-211f950d210f",
"indicator--5d24bd2d-aae8-4207-babb-211f950d210f",
"indicator--5d24bd2d-5a80-4cc5-b90d-211f950d210f",
"indicator--5d24bd2d-9f80-47b1-ab7d-211f950d210f",
"indicator--5d24bd2d-baa8-460f-837b-211f950d210f",
"indicator--5d24bd2d-39d0-4492-987d-211f950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"ms-caro-malware:malware-platform=\"AndroidOS\"",
"misp-galaxy:malpedia=\"Anubis\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-a738-4894-a073-4337950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[file:hashes.SHA256 = '9046270d735579bcedb6bb7c0a2ad21f9b5ef9432e46e733b36de964aecd3abc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-895c-4958-abc6-4be3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[file:hashes.SHA256 = '6079af3bab8bb0ba445cd0dd896d8c8d7845da3757755b4ef3af584d227e0490']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-a00c-4da3-a5b8-4663950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[file:hashes.SHA256 = '1acca6953081cfc12d5cbeda1990b93b3298b1adc3c6ffad624e454f5854736f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-615c-4c8f-acaa-48fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[file:hashes.SHA256 = 'f767baadda60c618d7e14461831e7371a54cdf152b1fd5eb52a8aa4bb7300227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-7594-41c7-8aa9-4788950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'http://demo.website.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-0e58-4e71-bc50-4907950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'http://ktosdelaetskrintotpidor.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-e284-46ec-ae6f-43ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'http://marksteylor.us/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-1368-4fcc-b3e0-4eae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'http://sositehuypidarasi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c5-1a5c-47d2-a06b-4ec2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'https://blackleaf.top']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-4a9c-4605-98aa-40f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:45.000Z",
"modified": "2019-07-09T15:54:45.000Z",
"pattern": "[url:value = 'https://firstdoxed.space']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-9994-49c6-821a-4d73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://lskbfidsbvkjsfgakfjsdffsdfupdate.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-b68c-4143-b2d1-4a44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://lskbfidsbvkjsfgakfjsdffsdfupdate.net/o1o/a16.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-93d8-4dcb-a696-452a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://ndudetto.top']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-5030-4c2a-9c8f-4005950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://playclints1.space']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-6490-4d90-a40a-4232950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://sositehuypidarasi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-b10c-403a-ba62-4c28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://t.me/newpaparoni']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-ec7c-4189-b16d-4e54950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://t.me/thethe123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24b8c6-6d74-4fe7-8a0b-4e9c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T15:54:46.000Z",
"modified": "2019-07-09T15:54:46.000Z",
"pattern": "[url:value = 'https://t.me/unite11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T15:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5d24bd0f-2818-4734-a6e8-44b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:03.000Z",
"modified": "2019-07-09T16:13:03.000Z",
"first_observed": "2019-07-09T16:13:03Z",
"last_observed": "2019-07-09T16:13:03Z",
"number_observed": 1,
"object_refs": [
"url--5d24bd0f-2818-4734-a6e8-44b0950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5d24bd0f-2818-4734-a6e8-44b0950d210f",
"value": "https://blog.trendmicro.com/trendlabs-security-intelligence/anubis-android-malware-returns-with-over-17000-samples/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2c-2760-434d-9689-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:32.000Z",
"modified": "2019-07-09T16:13:32.000Z",
"pattern": "[file:hashes.SHA256 = '30b0b3b0d4733f3b94517ab4e407214e82abf6aad3adf918717ff842e28d672f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-a8c8-4daf-8945-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[file:hashes.SHA256 = '451194f0d9b902b6763762023ca02f6539fc72276347b8a8aed3a901bece4892']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-379c-499c-9bfa-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://markuezdnbrs.online/deneme/api.php?xml=8c6c029e-153b-41e1-a061-2699a45b69f9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-aae8-4207-babb-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://successiondar.xyz/continuing/resigned.php?xml=7e393286-925c-41f4-ac81-b7e2625473d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-5a80-4cc5-b90d-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://markuezdnbrs.online/deneme/apk/6928.apk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-9f80-47b1-ab7d-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://successiondar.xyz/continuing/kan/5425.apk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-baa8-460f-837b-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://markuezdnbrs.online/deneme/apk/[0-7810]']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d24bd2d-39d0-4492-987d-211f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2019-07-09T16:13:33.000Z",
"modified": "2019-07-09T16:13:33.000Z",
"pattern": "[url:value = 'http://successiondar.xyz/continuing/kan/[2-9680]']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-09T16:13:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}