adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/d353f73e-4c80-4cc8-84c1-940b4899df95.json

37855 lines
No EOL
1.5 MiB
Raw Permalink Blame History

{
"type": "bundle",
"id": "bundle--d353f73e-4c80-4cc8-84c1-940b4899df95",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:42:53.000Z",
"modified": "2020-10-29T17:42:53.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--d353f73e-4c80-4cc8-84c1-940b4899df95",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:42:53.000Z",
"modified": "2020-10-29T17:42:53.000Z",
"name": "unc1878 - ryuk",
"published": "2020-10-29T17:44:17Z",
"object_refs": [
"indicator--0e510cf4-0a8b-40bb-b87d-84b5bb069de5",
"indicator--b79abda0-8991-44d2-80b9-01ae6e139015",
"indicator--8029ea29-849e-4296-acc8-e04fc939c9ca",
"indicator--00470e52-9e40-4b33-8fbf-cf1a2a15cef7",
"indicator--d7f03305-111e-4039-81f4-8a883fae581f",
"indicator--bb42dd19-4a0d-4f38-b5ed-aa4a02a10447",
"indicator--1668e9be-e479-492b-a9f6-c9809c9d8516",
"indicator--c59fc97a-34ba-49db-98c5-0e7b86739150",
"indicator--e49f8c80-7a38-4181-9891-75fcc0eaec25",
"indicator--51178cad-6faa-418b-86e3-1679f64ec108",
"indicator--cb0ee1c3-3e0b-44d7-891d-5c3382d046a7",
"indicator--bbc8a1e5-9390-40f6-9c1a-1fcd62ab7742",
"indicator--aef5fcd8-349b-40e0-bbf3-d64ad63e7b4e",
"indicator--be6fe921-a05c-42b3-a4e4-7df07a79f208",
"indicator--ad01529e-aaaf-47db-bb7e-e0979e8158a2",
"indicator--9fd10fb4-99a0-403e-aca8-43272b2db140",
"indicator--6d21d45a-98cd-4912-b0f9-b2e2b425ef53",
"indicator--bd5c742f-cf37-434e-ada2-83a8304efa59",
"indicator--31829be6-f86e-40d7-a62e-a6650c38af17",
"indicator--8d00cfbc-906c-4e10-9c30-4059122e44f9",
"indicator--b5de8771-cbc7-4d84-863a-8a13ecbb0c7c",
"indicator--9607f014-e703-47b3-91a8-638fe1963433",
"indicator--d9255ec3-f159-4117-8aad-22125bdade7f",
"indicator--53eeaa71-0322-4a27-9c77-74b9f9be932d",
"indicator--f0999aad-5a2b-4be2-b1b4-4ebaa9d153c7",
"indicator--396083a5-6709-49a7-8da4-af9ab0518b21",
"indicator--0518e865-cb65-491f-9a6f-8c19692f9fa5",
"indicator--ce0abd7a-c23f-4db1-946e-1056e7616ab2",
"indicator--721db859-6c01-40c8-96c5-8da9ad5e8fa9",
"indicator--fed2f4d7-b8f7-4e8a-921f-6f4458b4f9a0",
"indicator--8465c022-87fa-4d2d-92fe-2e863899f4a6",
"indicator--78d4f999-2916-4b0b-910e-452cfa77ccd3",
"indicator--f5ef8640-e988-4c92-bf42-3870270eeba4",
"indicator--0f331f07-89b9-43ea-9785-ea30416d5358",
"indicator--cae10b32-1fcf-4610-931c-020e72922680",
"indicator--3e0bb93c-d446-4d33-9b00-d27e4f07690d",
"indicator--f6618925-8e7d-4c30-9786-d8512b129f03",
"indicator--e9107ca8-b2c0-48a0-95e2-87141a397256",
"indicator--fd1247d9-76c1-4cb7-8c21-3c6a61dddbd9",
"indicator--a1f78f35-78f5-46e3-be73-feee4f541636",
"indicator--cdad0744-57a9-4f43-802d-e096b0c1b936",
"indicator--42c05f50-7958-4f2e-b2e9-c241c0a0c9ab",
"indicator--2193c9bc-881e-4c91-bf0c-c11b2c6d852b",
"indicator--af49652e-ac6c-40d3-8aa7-dad5b3210ca8",
"indicator--91599026-7e02-4a7a-b960-f4083ca418c1",
"indicator--21286784-2392-4cf8-9f2f-711a0baa553a",
"indicator--96b299a1-c189-44be-9e92-a8e62f75f073",
"indicator--385c2b7a-5245-4864-9336-40a06ca97a83",
"indicator--db09395f-95ee-4722-ae6d-2cabd7994444",
"indicator--2d64f34a-c01b-41b8-8492-1adb11c9dafe",
"indicator--156f8a3c-2eb9-4b94-95a8-02dbc283e05b",
"indicator--d3950c70-68fd-493d-9806-1d4c77a55b4d",
"indicator--9cab761a-c772-4e2e-a97f-bf8a96cdcb4b",
"indicator--b8c72484-a295-4835-ac5a-2d9005c9a504",
"indicator--88fcada1-2078-49b0-9cb8-d4f18056ec3a",
"indicator--e17a6b08-b2a1-4f8d-8632-f38f95b77756",
"indicator--4b8804e2-5a5a-4e35-b24e-62d3a0d4990d",
"indicator--9459a394-bceb-4e23-9fc9-de355a3495b1",
"indicator--60d3fdca-c76e-4359-8305-5719c410571e",
"indicator--8c9f095d-3667-4e63-a758-99c9967e0225",
"indicator--1726dd1a-2420-45d7-945c-cd9be4ccec4f",
"indicator--977aec27-6a2f-4785-9d4e-adfad0fa9d0e",
"indicator--7faddd14-e29f-40d3-96ee-22a9fea9c2d6",
"indicator--fefa8be4-60d9-471a-a1fc-6daa670e28a9",
"indicator--1da39e7c-ade3-42fb-9767-98616879da82",
"indicator--fd31ab9a-3be2-4a47-908c-fd98a15eb143",
"indicator--f9027605-e493-4d93-9f34-08ca3ebf3287",
"indicator--b44f9dda-5ba5-4c93-8117-7e8253c14521",
"indicator--a38397f4-81a4-424d-b30c-2248314de599",
"indicator--92d23998-f758-4b3e-82bf-98f4d5d80d0e",
"indicator--7f1a97a5-8032-4959-b0ee-510631c21335",
"indicator--98091a09-a30a-40ca-8060-55f3188ce730",
"indicator--4fc4456f-bb69-4267-94fb-894d683f0a06",
"indicator--b2e770dd-fcc5-4eab-8f30-8a42373b1c7f",
"indicator--e1fdc801-a4da-4442-aa1a-1767f3496104",
"indicator--c006047b-4cd4-4cb3-8c91-edaa0f734688",
"indicator--c6c1f8ec-1281-48bd-93c6-6425f79ec4e3",
"indicator--603f2b29-e2d7-43f2-8bb6-cafab70fefc7",
"indicator--b4895402-6985-43c9-bc27-8bbe8a73605c",
"indicator--bd1c29a7-2222-4978-8b46-92450f3e8522",
"indicator--dd463fef-734d-4ad2-9504-0c05f5a1fe27",
"indicator--d1c3fcf6-35b5-4d35-b6a4-6601eeede5dc",
"indicator--dd418c94-4553-4b35-a53d-8db63a6e2a7e",
"indicator--c2e2c22f-ae80-4b01-95da-32aeb1e87e0b",
"indicator--19edcef7-7090-4563-89ca-72441f791564",
"indicator--78da7f56-5630-4c80-b149-f9fdec7826c0",
"indicator--ad48d8d0-e4a2-4374-91fc-2b0f2bf90ce4",
"indicator--f2441129-f67b-4527-84a4-0765ae113da5",
"indicator--c802b1fb-a1b0-4dd2-80ec-995a2906ccf4",
"indicator--37986109-6f89-4aee-8158-df273c2022bf",
"indicator--18872b71-0bce-4b39-8006-3cc6d640d79a",
"indicator--36ce9689-0281-44b3-9e7e-cc14033e81a2",
"indicator--1053036a-54d6-4893-a788-0139824ba514",
"indicator--907d57a6-c128-44e9-9a15-844bc37a2867",
"indicator--101845fe-fb68-4574-8d0d-6b31236019aa",
"indicator--0b0749db-bd9d-45c0-9e11-ee45e0d41e9f",
"indicator--86aefff5-322a-47b5-90d3-6eec57478210",
"indicator--d99f08d2-e08e-4c4e-a393-5905b6369a8a",
"indicator--49474735-57d2-42c0-8ec9-fdbae5ef6c68",
"indicator--eb76374d-d301-43f8-8d9f-56cd357180e4",
"indicator--acffda59-39b6-4d8c-bc33-445bc9aff287",
"indicator--54738ec7-f16b-4d2e-9630-ef182b42fade",
"indicator--6dcfff38-8b5f-4cc3-8467-d340c7e48c93",
"indicator--34ee3280-2d7e-49ee-abbc-3ded3ac5f0d0",
"indicator--9ab952fb-7134-4a88-8f89-a6cc9c82473f",
"indicator--5268d3f8-4003-4c8f-9c58-9f5270063037",
"indicator--eb57fbf7-dd09-45f9-b8df-31f1448e10fc",
"indicator--95c9082f-d2d2-4043-8518-5d813db3e94e",
"indicator--76c77c0b-6595-44ad-850c-cbf735bb1da8",
"indicator--cc8ae1e2-a010-4141-9e4a-941a5c2f4a4c",
"indicator--17cf0c4d-f0df-4389-900b-7ded3daf035d",
"indicator--371fc829-7a80-44cc-98ff-ec96fda99455",
"indicator--44945b47-d702-4c3a-9d6c-0d97f7181acb",
"indicator--0fa316b3-a084-453b-9277-6512044edd18",
"indicator--27eb0449-d1ea-44f2-a3e9-513ab26583ea",
"indicator--d27eb7a5-d6b4-4836-9fea-cd33f2548b0f",
"indicator--e80b078e-d45e-4898-9b7e-4e689d74b77d",
"indicator--d15d6268-120a-4e4a-a37c-5f6c48fe760c",
"indicator--e4322fdd-c206-4a73-8d7a-e2df46728008",
"indicator--602cbb47-6524-4c56-a726-4030ca5384a0",
"indicator--1d4bacb5-c8da-4d60-853f-17ccb0eea487",
"indicator--f9506bef-fa38-4b9b-a56c-1a971668fb8e",
"indicator--41652205-a9eb-4555-b718-f089379160c2",
"indicator--1b76eeea-2d89-4534-8814-56b6b9240940",
"indicator--26ec9e81-ee48-4f61-b76b-b1a6ecc39239",
"indicator--2f4963c5-25e3-422c-b213-2c72bbe4eff9",
"indicator--0b3ef31c-01e5-4b61-9c23-81bcf9463e0b",
"indicator--2c8836ed-0988-4957-a9b6-08dd13eb12ca",
"indicator--070774f6-6f2d-4253-a0b5-e75d4d876c4b",
"indicator--4ff3778f-9b9c-479c-84e5-125f2f57883a",
"indicator--e933b430-a319-4fad-a831-34934763c095",
"indicator--dbce1379-ceae-4ef3-92b2-b74a7c5f420f",
"indicator--43857724-aece-487c-bea2-f88df06696a5",
"indicator--e983a0b4-fd8a-482e-a42a-851e0093817b",
"indicator--442311f6-cb52-447c-a5f6-a0e5e8cab447",
"indicator--69823864-bb8d-48bb-993e-288f6acf7846",
"indicator--7e5ad9a6-69d3-446e-b17d-a2017069d6b5",
"indicator--014a6356-629b-4b13-a4d5-3bc5f51928bb",
"indicator--91f05bab-973e-49dd-94d9-80568be0cc21",
"indicator--6186d53c-c1ff-43f8-8ece-b395479a2bf5",
"indicator--4f125523-fd2e-48f7-ac3b-c41555c8c159",
"indicator--f0a75a88-9c0a-41ee-adea-e94f131d41aa",
"indicator--3e1d4d96-08d4-4c44-89cb-4197b50b5342",
"indicator--de671ca9-4133-4efd-aca7-aad8b78ae91e",
"indicator--3a686ea5-d608-4100-ba37-88a2efcfdeec",
"indicator--f2ea9c74-15f9-42e6-80b9-1dadad0f30cb",
"indicator--6dd9cdca-ddd8-4aae-a888-413ffbfc9b4e",
"indicator--6a528e75-edb2-43f2-beb9-d5d30d55d352",
"indicator--b73c08db-2d9a-4233-b65a-366738316bff",
"indicator--22ef2358-974a-419e-9b2f-bc89c8e146f5",
"indicator--44bb354d-1ed2-4e4f-8fc3-61839e2bd6bc",
"indicator--1f90aa71-7d64-416a-9073-fd5440f0a886",
"indicator--bcc93ac2-9cec-4331-b36b-a396c41dada3",
"indicator--1595d197-b2cd-4240-9c31-c6a1b432420a",
"indicator--c31baaaf-3c31-4754-a227-7bd3d9823623",
"indicator--22cff312-1e6e-4bfe-9d1b-dc26c12f8f15",
"indicator--e326c048-595d-4c0d-926f-eaa0077cec59",
"indicator--93cd1781-6941-415e-9cab-55ef1322c680",
"indicator--4f9ce231-5c1b-4e64-9170-9c138d1c9efc",
"indicator--571ae1bf-b2a4-418c-b4dc-0240b7fe5c76",
"indicator--fa0f6349-aa64-4b3c-ad49-3cb6967062ba",
"indicator--49c6e8e1-c4a7-483f-992b-d0772d080f39",
"indicator--79ae6abb-5caa-4c87-94d7-bd426957373c",
"indicator--1c4a672c-9bad-44fe-a85e-8bdc27c3d12b",
"indicator--23cab516-19d4-4197-b06c-5b1fb77b2f1e",
"indicator--eee6b2aa-0f02-491e-9905-befa92176d30",
"indicator--59c45612-089f-4303-bcf2-d8091d835811",
"indicator--ebce8760-9408-4bb7-8f8a-3c738bc42097",
"indicator--7c53aa97-1592-4292-9e43-acc5e8c0f0d2",
"indicator--f1e3750f-3064-4a3b-a75c-5d6312556e04",
"indicator--08fc52e9-4503-4045-b5fd-f2858c65d815",
"indicator--e46d57f5-2fd1-4fe6-9f87-1cb6d8953a5e",
"indicator--6c4bcddf-aa14-4f7f-afb0-d44028fe9d88",
"indicator--2376768a-7af7-4219-b62d-420caf8b1746",
"indicator--2166864b-2024-45f0-bc98-62857e06f06f",
"indicator--d6f48942-72ac-46a7-8fad-6a179959c4cb",
"indicator--4867aeb7-5226-41fa-82d3-9daebe6bc2c8",
"indicator--678a9b19-a86b-41ca-9f67-67b71f61de38",
"indicator--e723061e-3c3e-4037-81d1-db99c5e21f60",
"indicator--2a1eba4b-5bce-4967-9aba-8b89505e1576",
"indicator--0a554c26-fce9-4365-a90e-637eaeea7b88",
"indicator--2999ec11-c768-4473-a7bb-214f809ebe63",
"indicator--b59c41f4-0f1a-493b-8148-186a86db59ef",
"indicator--05301123-ac36-4ee4-a85e-7330bca8391f",
"indicator--00a04905-bbde-4d53-879e-f2a41dbc6469",
"indicator--5faf6f6c-46a1-46f8-9332-e592e8a738bd",
"indicator--5675ef98-df42-499a-90c0-2bc8f714faa3",
"indicator--be6823ef-20c5-4d01-be1d-8be7c822827c",
"indicator--d5369581-7c9c-4258-9788-89fa25c6a903",
"indicator--cfe1fa68-166b-4594-b079-f70c391eecf4",
"indicator--5da9f641-a4ef-47fd-8c0b-8cc62ad43e0d",
"indicator--bd3ab226-7d83-4af1-8424-a2b93e20cf96",
"indicator--7cd2ebca-b362-405b-84b5-d509621eb93f",
"indicator--3c4d646b-54ae-40d6-8776-8f9d8b25ad8d",
"indicator--e5809aa1-04d6-4bad-bb5d-144d4239b923",
"indicator--9862be1b-1fc8-4218-ab2e-0bba8a4546c0",
"indicator--ddeec549-8ea3-4bf0-9965-d946dc0dc34a",
"indicator--56b3f47d-6ff6-4a2c-985f-7774ae4d46e2",
"indicator--d78f453a-5219-4cec-aeef-b4a6c695ae6f",
"indicator--27c8f930-605a-4628-bdba-d24b32342cd0",
"indicator--ca7e4b82-9a53-471a-8d85-91561acd3f5d",
"indicator--b3642b1e-4d84-41b4-a575-916acd3684e7",
"indicator--10f20e10-3693-40f7-b506-ee4f7f854ba5",
"indicator--aea4d6bd-88ae-46d9-8f64-0bc413ed5d47",
"indicator--3785aea4-93e3-466f-9dbe-044d828ca1a7",
"indicator--85f79cc4-3c0a-47fd-b263-8641887dec1a",
"indicator--e3b7d7b7-46b7-435a-9168-6dbff92e43c8",
"indicator--a4567206-4c5c-4b96-b6a5-176795231f10",
"indicator--1ff727c4-11e7-4bbc-88ab-8b6c4bff9b21",
"indicator--03f60aa1-68c5-49d7-ae19-3a84fa321dd8",
"indicator--8e84c011-d8a8-4124-a204-6853aa5cecef",
"indicator--37033e75-44da-41fb-afe3-49de58389af0",
"indicator--928198d8-1734-45fa-8130-cf5255e74992",
"indicator--300596a6-9da5-4ba2-a2a2-93a6dc1af457",
"indicator--f014506b-8d19-42a6-8aac-021dd904cae4",
"indicator--eb526e18-08b2-4244-a617-161b78e089e4",
"indicator--ad1f7ac9-7cb5-40e0-87e0-8ca68220a68d",
"indicator--b90c4730-14f1-4eea-83ca-6f38341ffdcc",
"indicator--584567c1-94ce-42f1-b4d7-8cf5bfd36729",
"indicator--fa180915-6a4a-45fc-a4dc-d690575d6f7a",
"indicator--df3eb83a-7fff-4a20-997f-6baf976ceff2",
"indicator--b68d157e-3c1f-4da1-9294-bee11e0b78ee",
"indicator--af64685d-11fd-44e2-8559-746c53995329",
"indicator--5f882c75-4e31-4a1b-95ff-a82aa546130a",
"indicator--a232b039-1745-4f39-9a12-3e9e459dcc1a",
"indicator--196c2975-0c5f-4d50-8f2f-d421ed276e84",
"indicator--883347d3-26ea-4f52-8a3d-bd464ad96aab",
"indicator--507e319d-17f6-42a1-944b-99f1850fdf7e",
"indicator--3c960291-6a70-49b7-92fd-5a966754a1b0",
"indicator--8afab6d6-3f37-4079-b2b7-b705106fdb72",
"indicator--61f8af91-f90a-4573-9bc4-2d4a4f0cddbf",
"indicator--fb2220de-bc48-4cad-9d27-ba9e73bed20c",
"indicator--3691daa0-2c0b-4abd-bb58-2afaa5e261e0",
"indicator--83ca6033-26a4-4dbe-b35e-95345fc2dce1",
"indicator--6c40d67d-96ed-4113-9e1e-d75b416062a2",
"indicator--43352263-1d35-43bb-ad1c-ddeba4be0911",
"indicator--9c621491-4bfa-48fc-a707-e8d68908469f",
"indicator--258a2a75-e301-44d0-b4e1-f7f1e0336da6",
"indicator--73008488-2344-46eb-8ecb-2bc223079e74",
"indicator--1f4389fd-b526-44d9-b911-804e0b8817aa",
"indicator--e55bf1fa-0c77-47b8-b718-ccdc3fad7162",
"indicator--6291ce1a-3870-4355-aeb3-b1f6f74f599b",
"indicator--bf7ee762-ae60-4b9e-bed8-62e1e1e31ba5",
"indicator--6e125c36-3d7f-4605-ac04-dd3abe3f9782",
"indicator--3c3590f1-9c18-4cb4-aa07-0eb9c4d42b71",
"indicator--fcdfdf08-31df-4968-83ca-89c823696dd5",
"indicator--7f3d483f-fecb-42dc-ae77-e59e6e9abb1b",
"indicator--d3a4f901-4950-4011-a4fa-51388723f834",
"indicator--8682976e-9341-4c3c-84ed-34585bfb3b0f",
"indicator--f3e7bc46-00e9-4070-b686-ce88523cfcfe",
"indicator--0a4c0b1a-3295-43ce-bbd9-ad233c68b9e8",
"indicator--217c56e6-3c54-4cb1-ab40-b15574bd604c",
"indicator--1994343f-fc2d-4115-a99d-d4abd7f5f0b5",
"indicator--68b12309-d236-480c-950c-1345360c33f9",
"indicator--006d023f-d05a-4e40-8aed-7f2bb3038c29",
"indicator--68d6845e-5ee8-4522-abe4-035eb4084eec",
"indicator--7afdedf9-c666-40c4-bdc4-ae67c4526230",
"indicator--b2420766-0c2c-45c5-8a81-8e7d78cea42c",
"indicator--2f2760b4-2069-4dff-89e3-08c07122d148",
"indicator--0ceb7e88-7454-423e-9d13-679a83224729",
"indicator--97d0c8f4-8e2d-4878-a949-5dc559898238",
"indicator--e7a01f7a-615a-4966-b1b9-0b2b7bae9289",
"indicator--605d2af8-303c-4a41-b38a-79ff8949de41",
"indicator--1618785e-93d0-4b85-b104-85c4e7c058c8",
"indicator--0780e27a-1ad0-4c00-8e25-e23578292c06",
"indicator--c8c7610b-f439-4905-a53b-111492e77303",
"indicator--d45b2e12-d6d3-4b47-9be6-ac9c1fc0a09e",
"indicator--19550356-2857-49ce-b2d1-0b564b562f13",
"indicator--b8c49aed-4b15-4d83-a6c0-639d067b1cc1",
"indicator--91f26696-09a8-40f9-9b18-4ad5f7f00d96",
"indicator--0a0f2907-800c-467b-84a9-01764b30722b",
"indicator--5d5e9fbd-5229-45d5-8d1b-2d3bf191ee0c",
"indicator--25640bd7-cdac-46e7-b5c1-379e7393f510",
"indicator--65b4548d-2f2b-4be2-b628-fdbeef468a80",
"indicator--947e0956-be51-4b7e-ac68-9ea3c8a52a60",
"indicator--048d3562-f446-4358-9444-c161c18119f6",
"indicator--e6527e58-79a7-4bea-b211-c80b31178e93",
"indicator--d7ec2a79-f5e1-4466-909a-30882663a807",
"indicator--cd1a1903-a107-43b4-a3b9-0f9bb3cfb1b7",
"indicator--99579807-56d6-4757-bbc2-50829755949c",
"indicator--f0d1c5b5-1919-4c89-8998-3bd053cb01a3",
"indicator--dba8af9a-3b12-4a8d-b003-3c8f49725093",
"indicator--4aafc5f0-3f2e-4140-a5a4-6c7b03b603cd",
"indicator--12d5b17f-5c01-472a-bab3-cf1440422c38",
"indicator--082ec694-e91a-46db-9474-f8fadcf95f55",
"indicator--fd8a587a-724a-442c-8342-8a73f8a828cc",
"indicator--edede5fe-6dae-45f2-8c90-47e5ed8813eb",
"indicator--8488cbc4-9995-4825-8a76-b2baff105f76",
"indicator--bedf4af8-b6de-4b67-8da8-04fbf5fa2d5b",
"indicator--469b1eb0-273c-4cf4-bc10-1b7312b955df",
"indicator--1dee85ab-fd90-4bda-bb20-932fc8905108",
"indicator--ac85d57f-64b8-42c1-be06-1d17b1ebaf72",
"indicator--7ad9c175-7bb1-4629-aea2-92ec634626a6",
"indicator--8e061138-4a4b-4b19-b9f9-2968b40ccd8f",
"indicator--47ad5c1f-67fa-4000-b5c2-48ce989f2d9e",
"indicator--c265c7b3-248c-43b5-8444-24733eea83b3",
"indicator--041e4ec9-8837-419f-a56f-1ee0b40a9da4",
"indicator--cb4cbae2-66c0-4358-9409-397c05b03d8c",
"indicator--55652f2f-2cb1-4807-a694-730f102e3655",
"indicator--9df10636-d08a-4942-b917-7ded00f890c5",
"indicator--ca27f596-979e-4ba4-9232-31d1c6add0e8",
"indicator--b628e17b-5e20-4992-b4ae-13ab410f5df1",
"indicator--0e3d7d59-cf66-44e6-bf76-005ce499bff8",
"indicator--65b44e79-e726-403d-b4ec-35bc41c1cda5",
"indicator--7f5c5135-a308-45ae-b677-a23a50ca27e5",
"indicator--4ba974bd-9008-4e97-8037-61b7e4beeb5a",
"indicator--81b9d089-e682-496c-965b-806fd9e6e918",
"indicator--22fd10c0-8037-414f-baf1-388451e7e132",
"indicator--e34791a9-a71d-4dea-8fa4-8d3af6408777",
"indicator--8146fd51-c406-4cf2-bc51-c370aaa12189",
"indicator--789b7584-d570-4586-b7f1-52ed12c041ff",
"indicator--90b43e0d-08db-43d2-a424-3ab352c071dc",
"indicator--649a816e-ec67-463c-97e4-687b40e0824a",
"indicator--7f62c673-edc8-4f14-a0b5-e6cbd9097112",
"indicator--ee7b99a3-3a3d-49bc-affa-1fa6098c232e",
"indicator--5449fe33-e928-4429-ba18-0be3c63be58b",
"indicator--d9f16707-beca-43dc-bbac-0f009abb779e",
"indicator--cbf1a0ef-1202-440f-86fc-4dccf75642c5",
"indicator--58c4fb1e-c752-4062-9a09-2a25010955a6",
"indicator--1c555887-1bb5-45ff-bafc-7982e3acea15",
"indicator--ea880e3a-e4ea-4f52-8331-f4d587c0fd5e",
"indicator--515e544c-0029-4d4b-a232-0aa7e0fecf00",
"indicator--79fffecc-6028-4da7-8c0a-bb88d7809361",
"indicator--62ca0e36-6656-42b1-a526-0210484870a3",
"indicator--f3315103-00e7-4404-8c92-c398a40180a8",
"indicator--adc635ec-7091-408b-940b-6b74df35fa6e",
"indicator--4ad901c6-1b47-4354-b70c-ea591c91cc2d",
"indicator--2e174bf5-5b31-494c-af38-a976210bd4fd",
"indicator--34494ce5-0042-49aa-9240-efd9dcc94b99",
"indicator--4a15ae74-9edf-45bb-8924-acd35e5eb1d7",
"indicator--28ee7af6-d076-4f97-9baf-87f026fbd6e9",
"indicator--e02a38a3-cb97-4d1d-8a6d-7fd0f81db706",
"indicator--4279d92f-3e32-4102-a2f7-f5a8c173d375",
"indicator--4f4cbbea-6b69-4c18-b000-8670b336c567",
"indicator--79bb428e-d085-4fe5-975b-6dafb7890107",
"indicator--5ce85cc8-3396-4349-b710-c051451dbed4",
"indicator--b97dda49-3923-4fbe-b043-779a18f0d3cd",
"indicator--96eb9dc6-f643-4353-bb4c-c5bfda428407",
"indicator--0ccc53f0-60a0-4152-a4bd-74659550ba40",
"indicator--7246b713-4a08-4e50-8b62-e670a75254c5",
"indicator--da75a00f-4756-4dd8-9062-82d8801bcff1",
"indicator--8e1493b8-74c8-4246-8d6c-14c86d96810f",
"indicator--0e5a06d2-3477-447c-a677-4c9e21a844e0",
"indicator--dd4ab430-9e3c-49e2-9d61-30f70e4c37e9",
"indicator--52bfe7f0-a2dd-4616-8e54-41a0d958500e",
"indicator--d4564a42-a813-427b-ac42-4389d12b67ba",
"indicator--d3b8b273-7c51-4921-9174-c555b3809d62",
"indicator--c53342df-523f-4d31-9289-94d234353705",
"indicator--b7693181-befb-44e4-8f5a-9f7612db4440",
"indicator--ddbdde6f-8ef7-48b2-8dac-973d2bbba41c",
"indicator--607e1909-5319-457a-b4cc-0cf829720c43",
"indicator--b6bc51c6-6907-488a-a7bf-e93f478f5353",
"indicator--0d9d7cf9-8a29-4fa6-a4a7-d7c90904c0cb",
"indicator--7f0097db-e6a0-414b-9de0-f18dfd21c23b",
"indicator--9837d389-179c-4c46-a16a-7af158091b4c",
"indicator--510d4112-9f9f-4932-b10a-02f648ab5f15",
"indicator--56a99f2d-d9c3-4748-93bf-b33a87b811b7",
"indicator--15cd97ac-d0ec-4641-81bd-f5b8be067884",
"indicator--91f25e5a-a78f-4603-880b-d06ae222123d",
"indicator--bcc3af6b-5b42-41d5-aa76-a37bd1658653",
"indicator--80f893d0-c29d-4162-aa79-a114d080a028",
"indicator--bfcb857a-7824-4b1a-bc71-1483cbed3b16",
"indicator--a7a70f78-2184-4389-91f5-3b4a01e01a03",
"indicator--840b7f84-f925-4481-958f-d8956a1ab3e5",
"indicator--8ce8748a-f05a-4d98-9c50-3387a80e76d6",
"indicator--38d8ade5-9ada-4d85-827b-7ca6fc4ab893",
"indicator--52ff35be-fe3d-43c8-abcd-81bef8edaeb7",
"indicator--7547d5c8-ebd9-42ef-b385-06a63f99b3f5",
"indicator--e76ff0c0-2d79-40bd-9032-74794b26ce92",
"indicator--d6e1f8e3-d7d0-4182-b622-426944aba38e",
"indicator--91bfab1c-644b-4841-9d3e-f15229b2ad34",
"indicator--42a54e77-2c32-4eac-87af-6bd7821517af",
"indicator--a09bf7cc-1866-4983-a76c-8b456378ebf0",
"indicator--05d3f6b8-c8a0-49f7-af78-d7a09ee8b31f",
"indicator--db4f0e67-6ecc-4e97-b200-d7d369ae101e",
"indicator--d4cd9b1f-dd33-482e-96b6-8715f6852d7c",
"indicator--affa1d86-7bc5-44b1-a945-2c8a4c787f1c",
"indicator--42571d8e-b1ae-424f-a89e-33c10c6ad9e3",
"indicator--e64f7e4c-c178-4f6a-8769-30a05d60ea10",
"indicator--5b67f6ab-659e-46b7-8ae8-5c4eb1fafaaa",
"indicator--85a551e9-4226-4380-a1af-b80d44d4139f",
"indicator--b038ebf6-b92e-4a93-b426-bfd1eea51867",
"indicator--891c5c3e-957d-400b-8014-9bfd800de769",
"indicator--52921701-9e1d-4598-a5bd-0e1564fe67fb",
"indicator--fdc3a2a6-5d57-4c70-948a-e2553643c83e",
"indicator--2a62e775-8281-486b-b09c-9606c8a5ae12",
"indicator--37669819-2b0a-4d87-bc4d-5c4bc28d2927",
"indicator--f1b883ec-0426-41b0-99c3-647ab0a58222",
"indicator--8aac1a4d-84f0-4225-95b1-a73f9bbf1119",
"indicator--e6b48a3e-16d9-4941-bd68-b4baf493eea5",
"indicator--b1688fd4-eb08-46ba-a411-0f8924bae0df",
"indicator--8a55a2aa-adba-4bd8-baca-5c2ffd54b1fa",
"indicator--ed42d975-3d9c-48b7-9ec5-95712661bca6",
"indicator--1d05b2b3-7366-4cbe-9cfc-01f972bd2a90",
"indicator--c1d4452e-f225-4695-9793-f86af9544c60",
"indicator--e24520dc-60c5-440d-9be1-136e13f93544",
"indicator--fcec772a-2c58-4442-9b87-b44a8e49db7d",
"indicator--870c086f-5868-4fde-9828-a5f356a810b1",
"indicator--ece89a73-da41-43f1-83f9-ebe9571ddeb0",
"indicator--84593f8a-0699-42ae-93ba-dcb9bf1f6fdd",
"indicator--ae517785-3a6a-4af5-9e5e-fb5b03eeab11",
"indicator--d592fd88-37e7-4450-b6ec-b72938a9077e",
"indicator--d7117419-1f5b-47d7-bd46-6fe9340fcb54",
"indicator--fcfcdbf2-acb4-4062-95e5-fd40f07fc51e",
"indicator--23cd5963-af60-4cd3-bbc8-d2ce93256fb9",
"indicator--523463da-c26c-4243-914e-bd35091e9f42",
"indicator--1087592f-a6e2-4485-8fd5-852a10a0ae9f",
"indicator--334ed1dc-51b6-433d-8442-6f7e7bb369a7",
"indicator--b6cb1577-4ddf-45c2-b5a7-253470db1e64",
"indicator--de9ad2b4-44b6-4cee-8b19-6988a87f3cfc",
"indicator--6624c957-3a4d-41d0-9321-13044d288e21",
"indicator--33f66d93-7a56-433b-9a9f-19bd7300d6e3",
"indicator--017b27be-78d2-4d35-88cc-d1e5b70ecf96",
"indicator--51fb7a88-e1f9-4f64-b722-6cf37c8cf3a7",
"indicator--7698d8b2-1816-4459-a86d-fc720ac414c4",
"indicator--e5b633b7-32f3-4d80-af1f-bd67ea176cb6",
"indicator--ef30ca0f-b2b9-4563-ac35-77ba97bf06f2",
"indicator--c7e495a5-f056-4069-bd3e-ccb679523ac9",
"indicator--9aaee704-524d-463c-a060-1bf72d900391",
"indicator--ab266991-0faa-4e2f-b232-7f7af48c21cc",
"indicator--24af6b4a-682c-4558-b4e3-29470f3e69e4",
"indicator--35d7d42d-1af5-4c97-a3a8-e1ada1875819",
"indicator--f3f78ff2-424b-41ff-b367-76071414d1fb",
"indicator--80c3b8d2-f836-47b7-823f-ffd5b64447f8",
"indicator--d853deec-d2fa-4f54-b588-63a247a36ba9",
"indicator--e79030e4-9c74-493b-8492-1b820ea76bd6",
"indicator--c7276df2-361b-4b46-9574-1d22a7b1b527",
"indicator--eb8bb344-3d11-402c-ba34-23ebd1f588c8",
"indicator--ffff96cf-9a22-4b3d-8d27-d0b4272ab8b6",
"indicator--b35a2ea5-e6c1-4d9a-802d-6843440de102",
"indicator--24ff8890-7497-4d4f-98b6-58d78e71870e",
"indicator--a3a8e4d4-fbe3-49c5-8948-64c013450b7b",
"indicator--f2afd0f9-0a32-4279-ac14-8a3948b96cc3",
"indicator--6aab0f9e-4e7a-4b6a-8220-e6cb1cdf8894",
"indicator--35857348-45e2-4ffb-8282-e89cbaca3532",
"indicator--20b23af0-b997-462a-9689-6c2177e5ca99",
"indicator--50022956-441b-4e5d-bee0-25a452fe8454",
"indicator--a3eaf3d7-13c9-4c75-ba4a-d105c9b2c0bc",
"indicator--4eb1f228-168f-47a4-819d-c6d5cc0f1c25",
"indicator--4216d33a-6eaa-44cc-835b-68531461e4e9",
"indicator--f9c6e4d9-d24d-45b0-a942-317429816ad1",
"indicator--bdeb5b71-4413-4bf6-9f50-c952cd06bb15",
"indicator--9ddecf54-7bbb-4c2b-8323-567e58f6dc96",
"indicator--32e56fca-50c5-407d-a417-8e72d944bea5",
"indicator--e08afaad-8dfa-4523-aacb-e21cd91c6b17",
"indicator--cff4a452-cb57-41eb-8618-7de534a7064f",
"indicator--8739266e-d1fd-454d-803b-e028416a05d3",
"indicator--dea0d7ab-d634-4177-80e8-d09126b287f8",
"indicator--00804b68-a984-466c-b97c-17926f6b2ed4",
"indicator--2bff29dc-5ca8-46bb-9f2d-ddb9e111acaf",
"indicator--b86ce5c9-dc12-48f1-afc6-ff45b5eb6978",
"indicator--47c99504-e196-4514-9d45-542ec9b77bee",
"indicator--9745e202-bb4d-4a23-9560-794e4d30d7d8",
"indicator--7322295b-4c8a-4fe1-904a-decd073e513f",
"indicator--4e7ef519-f153-45a6-9c24-64efe085162f",
"indicator--b54942c3-939b-49ac-8968-4a771175e041",
"indicator--77de66e7-a990-4413-9207-3f6e40dc537c",
"indicator--5959b75b-37d1-4f13-a8f4-e0ce3c84cf01",
"indicator--07a99311-b5f4-40bf-b37f-689517074cec",
"indicator--db6d80a4-1b90-4a46-bbfa-23a39ba1fc70",
"indicator--cc667ed8-8cea-40a3-8e52-d3c12717b182",
"indicator--f4f81a7a-b1dd-4031-bfe9-44872db4e2df",
"indicator--bd430d31-7344-4d84-8495-74633357e1f9",
"indicator--e9efd60d-eb9a-420e-a4ec-e4388868b1d1",
"indicator--59b38e6a-6374-4b4b-b52b-cb20b07c6eff",
"indicator--644e4230-5f4a-4eaa-8a2c-a3da19443168",
"indicator--ffb2edd2-528f-4fbb-8bec-01a07d8de347",
"indicator--d638b367-9d7f-4daa-b0ba-eb0c54f715b2",
"indicator--4c19dc05-8157-460d-8262-c54084eefe32",
"indicator--42000986-a42e-41f6-8fa9-fb2743e94126",
"indicator--10b98549-99c7-4d34-9fc4-02317bed4488",
"indicator--4ed1a635-f92e-4ae5-b7ed-d7871487a840",
"indicator--9e9d3341-356f-4651-8fd6-1002171c1d56",
"indicator--80efd8ec-2470-4c1c-91d7-5c795848425a",
"indicator--fb4c1789-b46c-49f1-bb19-e3789ae84db7",
"indicator--bc7ce885-0275-42b4-92b4-83253d95e337",
"indicator--53a0c056-215b-4949-a281-08c5481e5b8c",
"indicator--5ff0d1c2-9552-4163-825b-03223a8e8021",
"indicator--8ea8a639-183e-41cf-8411-5af5e88eac45",
"indicator--dc33750e-b31b-4184-8dbf-25ef4033a98e",
"indicator--62781b34-d0f1-415c-86d9-d5bfc8a15cae",
"indicator--a665fdea-ed12-4baf-bd05-648103ef840c",
"indicator--be73285b-0bdd-47c1-b9e3-c1b9eea322ec",
"indicator--7b33407d-3ff2-45cb-bfb3-397e9b050e08",
"indicator--cf841ac4-c104-44e5-8183-6690286ee8bf",
"indicator--81a28832-2709-458a-b39f-9f3c07f98c8d",
"indicator--8b759d10-a1cb-4f54-a2fd-c2f3f1b6cc5a",
"indicator--7134def7-6a58-4b58-aaa0-74a7eb5718a7",
"indicator--2800c260-fded-4900-a15c-5331a02c5306",
"indicator--8df2c887-50e2-4884-82f4-3a2dda412219",
"indicator--4fce7aca-c250-4042-8c39-c3307a979c85",
"indicator--eae46961-9e2a-4543-a725-46d7249a3d46",
"indicator--ccf8449b-8faf-4ec1-8164-7cc6d2202b87",
"indicator--35f72a43-6add-4881-b9b7-6da3e9fc3637",
"indicator--21e044b5-a67b-4fab-abfc-5261a827cbef",
"indicator--18ab8719-be52-4acc-8c3f-f03580ed6fc0",
"indicator--846a0c04-b4e4-46c8-9030-ba44c069557e",
"indicator--67330ae6-5320-4394-9c0d-3dc392912bf6",
"indicator--07e0f333-3853-4a05-917c-4d655e3c52b6",
"indicator--540f8845-ff29-44ec-8f39-bb64230a29f3",
"indicator--bfb24beb-d96b-46f2-bd41-ec3d9c38a4df",
"indicator--580acf6d-97d7-4c85-8019-9d98b711750e",
"indicator--dca816ef-48c4-40db-9cc7-0a27d020e67c",
"indicator--f5f440b1-f38d-45a5-8dd9-c6ec0cc390d8",
"indicator--61c6eb7a-5a09-44ff-8ed6-138ea8b34450",
"indicator--41dd3a54-5fdf-45eb-8966-f644e7919dbb",
"indicator--01764c4d-ff52-442f-b61a-6d73261af626",
"indicator--66a5ad42-e341-4746-8da8-49654123134c",
"indicator--a3538e62-9122-4077-a7ff-eb958edce93c",
"indicator--d27fa217-5779-4c1c-96f2-5a28cea4ecbd",
"indicator--6ec68618-a003-4c89-9bb4-cfced5c5d429",
"indicator--16d4dbf4-7cd2-4f3d-a86a-587b48f3096b",
"indicator--ad210c39-268c-440c-96fb-dd8782a2347a",
"indicator--bb2d5c3c-24a9-4906-9714-049fb6669706",
"indicator--718118e5-4294-4758-a405-9a23e4d3eaa7",
"indicator--5f519f7b-1df3-4dd9-8ec8-6ca147f29b73",
"indicator--a0c0ace9-6e06-4779-97a8-276d1cc272aa",
"indicator--1b42e574-a18a-4af7-89d3-14b1b8bbea3f",
"indicator--3e172674-72d0-4626-a222-436a8dc1a025",
"indicator--f164e840-f539-441d-8feb-8d4e22acf9f2",
"indicator--e82a9826-8191-4159-8b3a-a8486dbd1724",
"indicator--fa82a8cc-c952-4f31-ab2a-20e1a490f100",
"indicator--57b71b6a-3026-455b-b601-b877a779af76",
"indicator--fdd12221-bacc-4364-88a9-8811a507495b",
"indicator--ee380cca-82ba-476c-884a-9fe8da5e76ef",
"indicator--ce54cacd-d226-4dbf-b72b-50c5158f9496",
"indicator--dfd6a1eb-b683-4020-9d32-87555b035081",
"indicator--5a94ec98-ed20-44f7-8f21-a477849124c7",
"indicator--6f68c0ed-af39-4209-ac62-db46363e227e",
"indicator--f6b3ef3e-8977-49a4-85e8-46e0bc550c28",
"indicator--bf8b68df-e6f5-4c5b-9028-6322ccf0defb",
"indicator--0175249b-809e-4bfc-9ceb-427e5d25c7e7",
"indicator--8aad1757-ac36-4d7e-83a8-a3af6de23f3a",
"indicator--bda0a089-ab15-4ef5-a2d6-2279897308e1",
"indicator--04e520db-1cb6-43e8-8b1b-4831ee1f42b1",
"indicator--6020be27-94d6-432a-8e14-71f5a87c9bb3",
"indicator--5ae9d6ae-45d5-4eb3-9e52-4a5c8ed0e7d3",
"indicator--b1463b89-2ff7-49cb-9694-23d103788607",
"indicator--dbff6aef-6fdb-4215-869c-97db79c900f2",
"indicator--1c6c49d5-1063-42ad-a39a-e748feb0d386",
"indicator--8482caa9-8900-447b-98f5-8918acbdc631",
"indicator--56f5e5d6-1adb-46d8-9bfc-4c38cff04453",
"indicator--3c42f2b3-eea3-46e8-bd13-a5b9d11882de",
"indicator--45ed8c29-07a3-4f59-912e-018319f179bd",
"indicator--dba98b7c-139d-4289-8040-083b6c7e4c36",
"indicator--dd4a191e-9a1a-487b-87f3-6d3dd298649c",
"indicator--382433fa-6455-4633-b45b-fb0ed854bd48",
"indicator--299f8416-84df-4f29-ace7-8a5837d5fade",
"indicator--3b3b6aed-e0ec-4335-8599-59072d63275b",
"indicator--58dba38a-9775-4847-8974-9909966b339a",
"indicator--5077cc53-61bd-4dd4-af0f-0b0b5c40105a",
"indicator--30361603-692f-480c-9d88-03d6d5d1533b",
"indicator--c18bc053-de01-4b51-a754-b022c6781c27",
"indicator--cea3391b-3611-4b06-8aba-f9bb1a3a40e6",
"indicator--9b007635-7b73-4bc5-8dc5-1813c5208d5b",
"indicator--2bd12c05-7c3d-4ffc-b505-42b96fde5d3a",
"indicator--583420e8-db42-47bb-a943-8d80271b2d3d",
"indicator--c0e417bf-1d0b-4a27-b6cc-177addb75740",
"indicator--833854bc-84f9-4c04-a4c5-b815cd7f33de",
"indicator--56ccbc57-8715-441b-9c3a-ad6d10a24c6a",
"indicator--0a1ada3e-6f1f-431d-aeb4-b5206865bbd5",
"indicator--c2282a6a-7df5-48b1-935e-867f1a28d949",
"indicator--af195795-8cea-4e64-a47a-0b7e228cd43f",
"indicator--f07fa32a-b72f-4056-b2ef-11fe51409455",
"indicator--2f3569b7-165e-4544-b9ff-635bba45284a",
"indicator--a5a2c5d4-9c74-4fdc-bee0-1f699f027a9c",
"indicator--475e17a7-7484-4eaa-96a4-204d969e7aa7",
"indicator--6f300fb1-fec6-482f-bfdb-740843e2c4c2",
"indicator--b78f0356-fc25-4ffb-ab7a-cab3d8f62c33",
"indicator--6f594e8c-4b35-468f-9ebb-d2883086c8f6",
"indicator--7418e75f-fcc0-4bab-9ca3-818234162e27",
"indicator--d66b9925-c0a0-4a7b-b1f8-12405aba0009",
"indicator--e0b35643-62c0-40b5-927c-e7606e1ea028",
"indicator--d5ef0d71-4c73-4c21-a228-068f1abce7be",
"indicator--ae1de120-0cdd-494d-ac37-34974024ff85",
"indicator--e19e7105-2f52-4d11-a800-cfa5637730a5",
"indicator--a9c7eb92-c4a2-436c-b31c-dfc70b6868e1",
"indicator--f135606e-16e3-4bc9-9626-03db99a9ab86",
"indicator--b3126455-4d27-44f8-a40c-f7cc9a2dabae",
"indicator--0f52418e-4382-4948-8652-7632cb4591e8",
"indicator--8246fbf7-fbfb-4891-a9cf-f505e31a3ce5",
"indicator--df878759-b12a-4d82-b2ea-b57d2e0c2e37",
"indicator--ae8fa118-32b6-4a45-8f9e-4ca43cb9e796",
"indicator--58fb5edf-99fc-48d1-82f1-bdcffdc4531d",
"indicator--86ae72b5-639b-4120-9a98-bd9e31eba2d0",
"indicator--a2da9635-35dc-4288-8d31-e8a8c48f2102",
"indicator--6be40d00-7567-40f9-bd2e-79134bb804ed",
"indicator--71fba833-c734-4f80-adcf-6842d02c5f61",
"indicator--b439462f-0be4-453a-a0b3-ef136c730480",
"indicator--41807646-a0d3-4ea7-918f-8ecf882fa58b",
"indicator--6ee9c704-dedc-4f5d-bf78-6c0726a253ec",
"indicator--b1e09bd6-9626-422c-83bc-863b8f5198ee",
"indicator--b5bba6ce-3f0f-4bdd-90c4-3b70d82a2816",
"indicator--256656a0-df7b-4ecb-b2d8-3a2801854bb6",
"indicator--459fb9f5-4564-4c4d-9a09-427df43a2178",
"indicator--623ec286-d15b-4552-8693-25e40512df83",
"indicator--43355b51-f1da-4c70-8173-511a3f196c1a",
"indicator--e6ba647e-397c-49fe-a986-b4d450fda250",
"indicator--e099d903-9a71-4bbf-ac27-8543367059e8",
"indicator--37ceceaf-613a-458e-b703-46a7f999da25",
"indicator--1271c5f9-f39f-45ac-9ca0-cb5bfc221967",
"indicator--705871f7-847f-4d5e-8dbd-7d08e9a70c45",
"indicator--510f2131-d0d6-4c75-bb4c-996f49afd75a",
"indicator--33b81b51-3b31-4b34-b196-dec73260d386",
"indicator--5ded9954-0a73-43a7-b7d3-e8ee32a53ece",
"indicator--f7b288bb-7763-4c95-9cb8-0692b7c9ca7c",
"indicator--1f17bf4f-9754-4305-8f30-30be5e5da14c",
"indicator--759e6e6c-59a6-4aed-842f-ee701128ec66",
"indicator--706b9dc8-137a-4ea9-9aa7-8b164ec944b6",
"indicator--4749a19f-9821-4722-af79-735d0264bc78",
"indicator--483c1990-ed4d-436e-b0d4-d2bc94e28cc5",
"indicator--d7318abe-89a3-47c8-b172-3bfcb23295de",
"indicator--024c7e8f-890d-47db-b493-0022cb00d4fa",
"indicator--d0995c76-885d-4449-97ca-ce1707d710de",
"indicator--d2e6d198-a2c4-4b9f-87cb-fad846ed427c",
"indicator--7b1745e0-cf2a-4062-927e-153b4952f528",
"indicator--dedc3abf-cdf4-4528-9c2e-8df1993f7109",
"indicator--6ed712a6-d25f-4fc1-8cd8-7009153a829e",
"indicator--5298d32c-d1f9-432b-945c-a8d7eddce4b1",
"indicator--62a63c0c-85d1-4333-8186-c5c19eab94c7",
"indicator--9cf3091b-b7a5-4ce1-99eb-43438ba39c36",
"indicator--ff157fa5-0ba9-45c8-b2c9-998a44f105f3",
"indicator--f45683ce-78f8-4025-9f2a-f0df75252e6f",
"indicator--3bc8bf91-84d6-4367-a7de-20a292c266aa",
"indicator--52bb4616-a484-4c4c-b8d1-4970ef67ce51",
"indicator--456b386b-c39a-4e3d-adce-35996100f95a",
"indicator--4bcfb24d-b3db-4649-a1f1-2bb7ea1d9a20",
"indicator--9ef791d1-e789-4ebe-a855-4e0cfc145225",
"indicator--cd24a6d4-a7d8-4213-84a4-05895933ef8d",
"indicator--c89a6e71-0426-4502-a011-3fc217dac5a2",
"indicator--e78101be-608f-4288-8c64-9894593f7217",
"indicator--83b50ee0-349c-448b-86b2-33c4204455fd",
"indicator--347fba6a-b9e6-4c8d-ab53-57c40a44c4cc",
"indicator--f1542eca-9b22-48d2-8fc0-157f40e4aae0",
"indicator--c2943b65-6957-4cf0-9e26-e5ea9f8fbaf2",
"indicator--f1f02b45-c659-44be-8d79-44dda038ac04",
"indicator--eaa303cd-5b60-457c-b562-743c9029b8de",
"indicator--21879a0e-a1c1-4e54-9113-e96703cd501b",
"indicator--68d923ae-f41d-4479-9bac-0035022e211c",
"indicator--62b5798a-3e84-4e81-b06e-ba6d063e956b",
"indicator--20d07890-c505-4447-af76-b610f10ccaa6",
"indicator--e3bd05f8-bba5-49ce-addf-45d2e3f0d0ce",
"indicator--420f8d5b-39ca-477d-bbb6-511d6fd943d2",
"indicator--aac95057-974e-44e5-b561-f3aa71a97393",
"indicator--48434b6b-e209-4ff0-9301-306c913d5b5f",
"indicator--d784eead-1baa-4d54-8d9c-50b34a66502c",
"indicator--b1ebf7e1-ac1f-4a31-b7ab-cbbdca248bff",
"indicator--21a3d66b-f1c1-442c-94b7-f74527d4fe36",
"indicator--20491d8f-92b8-479c-917c-edcb16feb4fe",
"indicator--0c2aac4d-ad4b-4d7c-a13c-302704d8c5c8",
"indicator--3b407888-b1cc-45a0-a520-117c737e552d",
"indicator--7e414aa1-256d-4e66-a6d4-963f04745e07",
"indicator--e4c0c916-05ac-4adf-9688-fc0068694699",
"indicator--b3576beb-0fc2-48ce-aec1-ef233e592587",
"indicator--fce36e00-e6a5-4877-8b9e-0f52c4610d91",
"indicator--4f8c3803-e15b-4541-aaf3-237498589a0d",
"indicator--aa090680-5312-4729-9e19-c4673f0ac3e5",
"indicator--f1349081-75b8-4190-98e9-96a4f23feb4b",
"indicator--b910fada-d293-4ec4-8fcf-07c8be2584b2",
"indicator--cd7d251f-71cf-4f39-91e4-3fb02da79e00",
"indicator--600edddd-a4c4-4425-8b10-64eabfa678b3",
"indicator--b554dfe6-750f-4531-9b0e-ec1d4a3b9d29",
"indicator--c14e9b91-097e-4678-b691-26935724db3e",
"indicator--6454027d-ba56-4ff8-abe4-da29313229f7",
"indicator--d378d31f-9220-4356-9898-ad05baf12e12",
"indicator--2c8e5e92-43f1-4e92-8267-f53b82d518c8",
"indicator--4c40c2f7-378c-4177-94ff-f62ad8de7fad",
"indicator--1f01f899-9371-4fc1-b898-5e1e89b4b743",
"indicator--c652a508-456d-4765-b489-09d76303c69d",
"indicator--81b4883e-afec-4570-8c40-27cebc52835f",
"indicator--5d96f360-7cc4-4d7f-a677-27af5a9f9656",
"indicator--c4cd2da2-3e19-424c-a1f5-108f21a61cb3",
"indicator--b9eba227-b1bb-4ec2-91b7-2f9a16ca6280",
"indicator--15aa62ad-8ce9-487e-b87a-203ee74adef4",
"indicator--c0b37616-78ea-4aeb-8238-6afc1c498f2c",
"indicator--b871b0f8-269b-42f2-a748-c830ee321aff",
"indicator--8232b2a7-9a90-4383-bfdf-9ce634050600",
"indicator--172deb5a-6f4f-4b7b-8671-1dc8ec712d12",
"indicator--9d6401f0-81a6-4b07-b365-907598d4ab5c",
"indicator--f4a2682f-390f-400c-a587-a37325329d3d",
"indicator--ee971f0f-21d9-4d8a-a254-c2c3617eaa6d",
"indicator--ed6f73f3-80a9-4011-9f16-89722ed1fa53",
"indicator--50cec67c-34ef-4df8-9565-886d7e811239",
"indicator--086dc1ef-0ddd-43df-ae62-8e413d2fd8b5",
"indicator--5328a2f4-77a3-420c-85e3-964501cbacc3",
"indicator--84d943e9-df76-4c10-a643-a532665bd8ce",
"indicator--b0d692cf-6806-4bb5-9c2d-1ce7f5b1e2f5",
"indicator--a76c6556-476c-42da-ac46-a3bcd2610729",
"indicator--8401d91e-b9be-4e39-8791-923d9edd28d0",
"indicator--62e5f5bd-4cf5-44e3-8d2b-abc5e00d640b",
"indicator--74ee8895-3b8c-4ce3-ac18-7ca3aa88ed48",
"indicator--eb349e07-ba85-4379-93f7-2322ebe95692",
"indicator--c59e2d73-fcb8-4be0-b016-ca1f5505cfb0",
"indicator--2e832141-3b17-4ad2-a474-9e0c1d467965",
"indicator--2814d3e3-2a31-4363-a15e-3136e5298e06",
"indicator--3fdb6e97-0ad9-4a94-aacb-b4756c70289b",
"indicator--a3cb1b93-0233-4848-bba0-b27b6e24bdf1",
"indicator--3dbd8e81-b482-49e1-a93b-773918382d44",
"indicator--9f166889-7fbf-4faa-9268-204162c20694",
"indicator--ca421f03-e8ef-4e42-b18b-e41c86670f0f",
"indicator--e171a2de-6a30-44c2-b405-1e4f52fbb290",
"indicator--3afcf257-9bf6-45b5-8a2a-e289e836850f",
"indicator--21afc526-9a27-4d26-8863-9774bfcf61d3",
"indicator--bb876b7f-b859-4588-9ac9-c22dab97bd76",
"indicator--77e08877-57f1-413e-963c-f813c56346eb",
"indicator--a837a6d8-62d2-4790-968d-07bff0c289a7",
"indicator--4b5aa2b5-419f-4775-b0ab-425baed55b36",
"indicator--2211725e-214f-4f02-a7f3-69e58b750265",
"indicator--302c902c-dab8-44e0-ac06-ad499096f488",
"indicator--59135b56-f5e3-4c2e-a118-c088f6ee4efb",
"indicator--b2e48d5b-d875-47ca-9d16-4a687572ddc1",
"indicator--45651cbf-48c5-4674-97f1-d7af1e109f90",
"indicator--6416f2bc-b14d-4e89-ba06-78f4e26e6769",
"indicator--7a91e9fb-ae5a-4980-ae29-a8ecbe42c0ee",
"indicator--7cbbc8ca-3ebc-4fbb-b0a8-f49b0b76d17c",
"indicator--ee2ba1c9-dc6e-41e3-a0b3-3384b7946211",
"indicator--0f94ccf0-0841-444b-a00d-5f9773af62a4",
"indicator--3496b920-839f-4ccc-a12b-6cdd666b88ad",
"indicator--ac010bf3-ae8e-4c6b-9b1b-3ecedccc1308",
"indicator--d552827a-80c9-426b-a8ec-366d41435573",
"indicator--ddb8f045-4a2d-4e0d-9da6-0bb5ac4fd5de",
"indicator--8c378136-6954-417d-8035-5265a4140942",
"indicator--8741e161-10a5-4163-8f05-b0411f0d5243",
"indicator--d3186fb0-63da-4f0d-a913-a95992da6942",
"indicator--86c48ffd-40d2-467d-a1f0-760bd82f6c0e",
"indicator--4ccb2f28-3a74-47d3-9c76-b13660b2a96d",
"indicator--74ad0d72-7134-4c67-9018-627ef8f98a95",
"indicator--f53eff93-50ae-44a2-b53d-18bed1fdc8de",
"indicator--3a4b4445-4af6-47bf-9624-08827bf1bff5",
"indicator--733bc930-b76d-43a2-89e7-edd4a19e5101",
"indicator--9c9b3759-3df1-4afc-957a-b2a09cd6ccd2",
"indicator--587df44c-b5d1-4c33-a1c4-4cc8828aabeb",
"indicator--f83cc9d8-5879-4014-9af3-31a968c78ddb",
"indicator--473cd2f9-013a-49eb-a1a4-c6b68ba772ef",
"indicator--5d3769ea-64c9-4e76-9a7d-5867eea9ad07",
"indicator--b1b69c60-6b92-4f93-bf3d-b0565450b537",
"indicator--fcc4282c-f545-46ce-91e7-a0701aaad220",
"indicator--ded8e33b-23b0-40ec-b7f6-05ec5447f279",
"indicator--ac2d291f-e1e4-448d-9598-db2d8b428da2",
"indicator--c70cf32c-6fec-422f-a160-2b8acea21b21",
"indicator--2be0c536-4e66-4116-90de-fb3c001bf569",
"indicator--698671e5-cde5-4a57-8526-a6ed81266fe7",
"indicator--a057bc41-7970-44de-bdf3-193b6c7ed8a9",
"indicator--68933312-5b81-4ae7-b919-bce2746dffd2",
"indicator--ddc665d0-657a-4fd3-a891-e54895a50a9b",
"indicator--b73bf60d-cfb6-4fdb-a1ff-4f64d3a66f04",
"indicator--4fc3b56f-ca3b-4478-84a5-d4b9125b29cf",
"indicator--b196fe50-f418-413a-a3bc-0a8b5878fc90",
"indicator--350d919a-9076-4ad7-828c-48e21ee0fcb4",
"indicator--9f4e4c66-7cc5-45e2-8b9d-2d4b3f175d6d",
"indicator--a3e01d3d-5e49-43f1-bc29-8d4f92172ca9",
"indicator--2921469a-a596-4c19-9afb-ba01f259ca3a",
"indicator--fea09baa-7610-466e-b6fc-ee047df20974",
"indicator--894d61ab-2195-4899-87aa-8cc5150f9fe7",
"indicator--0c52145f-e906-473b-96df-43108436d781",
"indicator--ed4310dc-5dfc-41b9-81fa-f86f385bd88b",
"indicator--a277ee67-b7d8-402c-944f-4dc70b86fa15",
"indicator--e45c88c3-8f07-4e8a-a9b0-73d309f9e0c2",
"indicator--fe48f2f9-4faa-484a-ac9c-5b86656571ef",
"indicator--ab1c739c-6e78-4b37-b169-a10ce9804c7e",
"indicator--307c2195-25f6-4f45-b181-89fc0619483a",
"indicator--8e8912df-edcc-40ff-b9f0-0e119ab377a3",
"indicator--713cb9c9-7bf2-49c3-9ee4-d50feafae848",
"indicator--ea76ddfa-5e8b-49c0-a881-b7d01ac20431",
"indicator--f2143c37-3351-4b31-bf26-72fc4ceaeb23",
"indicator--fde4ef0b-1a7b-43c1-9aa6-70a46e7f2bfc",
"indicator--85ef4294-842e-489b-987e-5a032766da5b",
"indicator--152c1e59-acf5-46b9-8490-bf49b41efc87",
"indicator--026eaf49-3c28-4d5b-a270-4e5320b48416",
"indicator--be9e967c-dc79-4606-8693-271a319236cf",
"indicator--9f12ef88-f07e-40ff-84e1-6050305f6171",
"indicator--19042820-e197-4ba5-b8da-727d0d074bc8",
"indicator--208482bb-ce1d-49fe-9af4-6410dd96a240",
"indicator--05eb9e68-f2e2-4725-aee5-9d0efa67a279",
"indicator--9dac58ff-0807-4fb7-bbf9-7802b84ea89b",
"indicator--c7d82b6a-022c-411b-8ef9-e42f40426a28",
"indicator--ee15dcd9-b6e0-4ee3-b94a-5bd92133c505",
"indicator--0c423bac-1283-4819-b7d9-cbca648a8a02",
"indicator--b4e2e224-2077-4b52-bc27-8f2a2a7a8a72",
"indicator--bdb6b0b8-c674-427c-9d7f-5ba5c32bdd37",
"indicator--34e88eb7-9f8b-4b47-a393-2d2ad3c8e170",
"indicator--2e70f889-b43a-4644-844c-755e3199b218",
"indicator--c0a30425-8e95-456d-9835-5e20e748a222",
"indicator--cab08b3f-f45d-463b-8212-197d44723838",
"indicator--55cd62fb-6581-4649-a4bc-1789c019ad2f",
"indicator--0591319a-6e77-443d-973c-027e21218952",
"indicator--9eaba568-f7c2-4059-81ca-7e126a498847",
"indicator--e0d5747e-bc4c-415a-8611-cdee019d698b",
"indicator--4479be88-94b0-4586-9c93-e6af5165fbc6",
"indicator--be321e84-b2ea-4d14-bd02-8109887c7c93",
"indicator--fe03bc12-3daf-4e95-a20b-84e6c25c4510",
"indicator--2a9647c6-5790-4194-8ee1-b520fdfdaa7c",
"indicator--e7d8687f-0730-4e07-9462-b24208b2db5f",
"indicator--666d1496-2245-4e3e-9feb-8fa6b5a3206c",
"indicator--e780e445-f947-4d20-9292-e894c1844820",
"indicator--572eaf39-770e-4120-9256-fc753cbe9864",
"indicator--9643a604-36a6-40f4-a0ee-14a5439a00e3",
"indicator--066d55e2-6764-4f0d-9adf-1de9c49aa858",
"indicator--ed3384f6-bab8-4dfd-a213-861b7f176226",
"indicator--db8f2194-fa1e-48ee-81c9-48e9a79838cf",
"indicator--c13a00d2-a310-45e5-a66f-dbc7befc810b",
"indicator--b5e2de49-2fdd-4f98-b99a-c0ad35ab3d80",
"indicator--0ae811ff-4933-47f9-baa6-9776165817e2",
"indicator--4f3641d0-a7b6-4730-9602-0a49ed953352",
"indicator--55580574-048a-4168-8edf-077f07e8a480",
"indicator--9d8652ec-bcba-4e27-8eea-85a5f630aad7",
"indicator--5078f0c1-049f-4816-a534-5ad961be2101",
"indicator--a72e328d-63c7-495e-ab99-ece920bdf926",
"indicator--67fa12d1-d4c9-4132-ae96-7d718e396c1c",
"indicator--ccb3b387-7736-4922-ac39-a70bc7dc9cec",
"indicator--c3c5be82-7e3c-438e-9000-5b91761c2bdb",
"indicator--0075caf0-ebda-4923-96e5-22804e87910c",
"indicator--e57f51fd-801b-4a1b-b108-c958c9bb4b79",
"indicator--881a4e98-9532-4396-b604-c3a23ebfa15c",
"indicator--6d7ae4ff-52c0-4875-bd10-43d4a2ee89fd",
"indicator--01865e78-8165-45af-a0d4-7762c04d9493",
"indicator--687ba8a1-e2d4-4d76-8c96-99bd7d3f936e",
"indicator--2e632650-d38e-433b-8e26-063665b30b7c",
"indicator--cea92d2c-a9b1-454b-8ac7-98eb23291062",
"indicator--986b9866-d5aa-4bb9-85d7-668df0b077d4",
"indicator--bbc00d31-6b61-4fd7-aed1-cbcd99b9cece",
"indicator--9d44ba55-0492-4d82-b6f0-04bf9f3234a9",
"indicator--3507944a-39f2-4e7c-80ca-1083b2eccf10",
"indicator--5b3cf645-b14a-499a-8db9-78776594170e",
"indicator--f1dffec0-e1df-4b75-ae88-c82c35c2ee59",
"indicator--1e3f983f-5874-4a18-9351-18b54ef42357",
"indicator--e46d3f02-85ce-4c24-8fc2-041de8af91ff",
"indicator--9dc16b9f-4fec-4372-87c4-08c5401a8e3f",
"indicator--568d3120-64de-4a58-82b3-5a68bed9a23b",
"indicator--ddea9843-601e-4bd4-9977-be803030a7fe",
"indicator--456c8d52-ab10-4dd1-bf3d-4573e68d746a",
"indicator--b83f751b-cc1d-4ac2-b90c-59b3933d8eaf",
"indicator--ed0b79d9-ecec-4132-aef9-07c8a0b30eb1",
"indicator--4c498f4c-69d8-41fa-8c8c-6fee7cf40df5",
"indicator--f6937c45-b573-44db-8833-7a952e6a2e33",
"indicator--303fc7a1-dda1-4516-936e-aaf2a2822696",
"indicator--eedbe759-528e-47f2-9d89-7ef0dc8ee902",
"indicator--03c1a3d1-c5aa-4563-807e-8e8105cffae4",
"indicator--8fbbda04-8316-496a-9362-dbae8748ea3e",
"indicator--c09c542b-3e81-4541-ab04-8fbc53926e62",
"indicator--e3fe3de6-06db-417d-81b6-da3ff0a74cdc",
"indicator--4bc17340-f718-42e2-8a79-1764aa316451",
"indicator--5c00b409-bba0-40a8-bfd1-9a6c17f9d7c0",
"indicator--862a634f-835a-402e-85ce-e4599dc9ad24",
"indicator--1963abec-56ad-4bf1-89ed-b5db12780f0d",
"indicator--3910ccdd-c2fc-46e1-9203-90d5909f9861",
"indicator--50bb85b0-00d9-427a-bd4a-f63b3e97a063",
"indicator--42332cb6-3ae2-42a4-8eb4-79cb7ff45a68",
"indicator--9f67a507-f780-48c5-a44a-87380eb4e1ea",
"indicator--23f520bc-ff8e-4500-bca1-c7011fadbcdd",
"indicator--a7173beb-3eb0-4cb6-a4bd-d3a6e61b23d6",
"indicator--91483c54-d8e3-402b-8246-45a9960ebbdb",
"indicator--87fe0685-f7b9-4d46-bf31-c4169cb48f94",
"indicator--5fe25635-fa8f-41e0-a63e-a533a43bc451",
"indicator--ec39c56b-c05f-44a6-9d15-a8ff1d2df2df",
"indicator--ad4177d5-91b5-44bc-91b3-ea53c1695019",
"indicator--eb7ae905-035f-4878-a670-3be89b2607e0",
"indicator--12f0b506-713c-4b09-b413-45f11a9e5fe7",
"indicator--3f924f5e-0265-4d09-b767-2778d8982e3e",
"indicator--3e9aa384-5588-4775-8dc4-679a8a19cf91",
"indicator--42ec078c-251e-42df-8273-d8ce6d17e712",
"indicator--cf6960f5-3dba-4e03-89ac-97fe6841b62a",
"indicator--9311857f-a29d-4c9a-9803-d36b5f63600e",
"indicator--fbe62ddd-be4f-489b-ac56-e3dbea3d0889",
"indicator--b85591ce-b5b6-424e-a011-d63b7b6a7e48",
"indicator--c09f4a84-0d09-47e6-9748-f56966476659",
"indicator--49b75c88-d07f-4cdf-bb2f-bce532204c24",
"indicator--623b80e5-857f-46f7-9fc8-20ce164fdda6",
"indicator--086f43a9-9598-47c5-b296-63d283f37963",
"indicator--0b03e9d5-6ff3-48db-8de5-f9b9e1bf920e",
"indicator--48e10d2a-4cba-4634-beba-f5fe783da9b0",
"indicator--befcf080-d92c-4cc8-aef2-1337b22f9349",
"indicator--00b13b76-57b2-4dce-9121-7eeb33a84b2f",
"indicator--b275d503-c5ed-4219-98d7-3e01365d48df",
"indicator--cc27c398-a9ad-4ac0-9dd6-fdc90ff57c46",
"indicator--0b9955ac-f3c7-439e-8493-1ffe1abb098a",
"indicator--1abce5de-180d-4245-93eb-59b2c9b28d5f",
"indicator--a020f422-27bd-4a96-970a-60707af247b4",
"indicator--49499f4e-74fe-45a5-9b3f-d24d44e3e969",
"indicator--c9f9886e-a0b3-4199-97ad-b717de4179e2",
"indicator--9c31a392-4efa-4b99-9a9e-f3ef06891d96",
"indicator--5a4fa8f9-03b8-4952-9a21-82eebb35a7f4",
"indicator--2e1c2077-e9ef-4df5-a660-f984e0234ef6",
"indicator--23020bf9-fbd8-4b83-a144-bfd92f4f6be2",
"indicator--e9a9cfe8-7753-4923-8724-18547c98c369",
"indicator--1ea5aeb4-27d3-4085-a30c-6c16f3c11ca3",
"indicator--e1f45206-287c-43b7-a514-94843acac0dd",
"indicator--661c040c-ed6e-4a3c-a8b7-552b478817e7",
"indicator--515d7c18-98a1-43c1-8c71-43504c07bdbe",
"indicator--9f76cbe8-9ad7-4bf6-8aab-9592a4986c60",
"indicator--6fb9658b-1093-46eb-bcc5-cb1bf418b6c0",
"indicator--59e53e0e-d10a-4710-a693-009b93c78f16",
"indicator--f63ce578-d2a4-4325-945a-d15afd8692ea",
"indicator--d466c468-e3bd-4830-979c-a6f3da97abb8",
"indicator--1cfc0d11-4015-40eb-93c8-40bf4d99f9f2",
"indicator--c85227c4-75c7-48ac-a464-0b149988bc70",
"indicator--5994d579-81d5-4a42-bf52-485aa4dc777f",
"indicator--38a3062c-4cb2-446c-9f6b-32f7a363bd82",
"indicator--e973015f-b916-4ff5-8622-8f58cf8cbd14",
"indicator--e03a72c1-fe7e-4138-ba55-a350846bd805",
"indicator--414f8925-abae-4f37-aa3c-58e7f3a9e73b",
"indicator--f8150826-6529-435b-a385-d5ac0de3d030",
"indicator--aecbb46b-af1c-4b6e-9559-37b291a65eeb",
"indicator--69f2a674-238e-4210-a0c8-d90ed759bb5c",
"indicator--f7e6fb98-6c84-42a6-ab6c-07467dee9595",
"indicator--7f8596f0-5b42-443f-adcb-775fb04cdcd5",
"indicator--e215ff8f-fdd1-4748-baf7-9778ea21c70d",
"indicator--514af8a4-d87e-48ed-a4a7-858fea4fd05b",
"indicator--1b1ef17b-dbfc-49c9-88ef-0076a1caaafc",
"indicator--6f7036dc-2f94-4bdf-90a5-4c757d7160e8",
"indicator--5f30dbb0-702e-4467-a4fe-30d35da263f9",
"indicator--e2f03e39-5d7b-436a-89ed-dd580bb40261",
"indicator--93c29c23-17c3-4ee2-97a2-fbd4c8ebc12a",
"indicator--580b43e3-5529-4997-a017-5defc7746f90",
"indicator--99bbe2ba-f6ea-4401-89ef-4b54816528db",
"indicator--b8c307bd-cca0-4e76-ba40-76ddb805da5c",
"indicator--33842538-7113-4454-a842-8e32efcb83cb",
"indicator--d56209c3-5f16-444b-b86f-d753792c6327",
"indicator--628e6552-f101-4ce8-8b91-fb40e60dad25",
"indicator--03e5a8c7-2615-436b-8235-87de98266227",
"indicator--74e15372-686e-4231-8dfa-6a8fa6f8921e",
"indicator--239351df-02bd-4458-bd45-4bffce197635",
"indicator--2bbc15e2-2dcc-4bbc-ba3e-ac57ac49c80f",
"indicator--53f7fd8b-2478-45ed-b56b-3fe7046bd550",
"indicator--fc091243-be49-4088-b285-2e26644776d4",
"indicator--a2a93443-61ba-400e-a963-6236d47a4bc8",
"indicator--e842a429-cbbf-4044-a955-deb5194fc964",
"indicator--4fe4fb36-1361-415b-9f54-c2ec00465547",
"indicator--0ed4f387-d295-46ee-96a6-26163e56a6bd",
"indicator--4c6ebcfd-ad22-4f9d-86b2-4235b72b74cc",
"indicator--fdb0d4fc-d109-4436-8505-43138a798732",
"indicator--7d91b537-64d0-436d-b13d-cb6848f00c2c",
"indicator--55ba3e34-cf13-4f86-b248-d8149e41953f",
"indicator--dc8e189d-55dd-4be3-b8a8-2fe2f53c27a9",
"indicator--80a849ad-2185-4477-a80c-d7e08d8c3bca",
"indicator--c4dc42fc-59a0-4ec1-8ba8-f7c595846e9e",
"indicator--dadf2647-a15b-4a46-8569-5c05da781b4f",
"indicator--15e196fd-2148-4907-b0d4-2c58ab57610b",
"indicator--a8a3da68-5e7e-4458-a447-c1e90c39e121",
"indicator--d9dcbace-8121-4b57-b231-0cf9c2aae6d5",
"indicator--c39e3a99-3a7b-49b8-a793-b57c6f58bf5f",
"indicator--55e45809-c9ab-4ded-9eac-aff00402bce0",
"indicator--b818f2c9-d8f3-40e1-ab62-0008dac14773",
"indicator--5ca1ead5-57e9-450d-805b-2f27d7e1881d",
"indicator--8eb11483-00f0-4da1-9513-59d90716862a",
"indicator--e109a3ed-241c-4d0d-8a62-55a0cdaec442",
"indicator--72c1f242-1711-4a64-9eb8-11f98efbd3d8",
"indicator--010ea11a-be8a-4d18-87df-83c8f9eba27a",
"indicator--c51cea73-1779-4b29-a38b-15b41af58928",
"indicator--dd6fd346-ea42-46cc-8b8f-df9722f673a8",
"indicator--2a0d3674-f031-4c09-ae42-eea3c135b299",
"indicator--59094cf2-fed4-49b5-9b75-c13920bc478e",
"indicator--bd21f8c7-47de-4554-8db4-2f2f8419cdcb",
"indicator--278af0b2-7880-446d-b4c0-6f0f47981885",
"indicator--60951b9d-58d5-4d67-98dc-419d52e73fb9",
"indicator--d91d1a87-9c65-4eb5-871a-350e88d48c67",
"indicator--942994e9-2837-4838-a351-6d2498060da6",
"indicator--5ce6eacf-36a3-4cee-b428-e2239337a261",
"indicator--1568b954-f3a4-41ed-a269-05c9c3115847",
"indicator--90911197-b866-47c8-b81b-c91aef1e1f4e",
"indicator--c9749630-6f3d-40d1-9595-c432426dd72e",
"indicator--9b4d7ba7-0871-4992-b33d-fcea9c3d5706",
"indicator--2ff6bcfe-d157-49d4-9e0c-5d099e81a4e7",
"indicator--a10c686e-b98e-4a85-9571-44b567cf1265",
"indicator--a1ca0093-0776-4457-8df5-215d6e3d13b9",
"indicator--15c67482-f1dd-45f4-9995-09898ed3c99c",
"indicator--0a749948-423a-4902-bcde-34c92a592824",
"indicator--21b7e0f5-176d-416f-88b0-d6f3f23eea78",
"indicator--8c7a6911-cd29-43c2-9f6f-836486fb6e13",
"indicator--424b514a-4d46-40e6-8ecf-e53ed1b7c4ec",
"indicator--142fccd8-a0c3-4307-b02e-2e0859a959d3",
"indicator--da02a56b-d3a7-4ca4-ba43-6225c3d92b7e",
"indicator--41b2d544-9a25-46d2-945a-4086ac6efa91",
"indicator--8f522586-9b0b-4f8c-afbb-0d7bb4d71013",
"indicator--d9ec2424-c3f5-432e-a23d-41db0e1a3612",
"indicator--ed18315d-0b5d-41f8-8024-0c28b0bd31c4",
"indicator--e83c02e6-80d7-46a6-bb46-ef4bfae477a8",
"indicator--ad3ae248-415f-44c5-bb5d-dcb652f12581",
"indicator--d10fe2c4-aee3-4c65-9643-2513abce26fc",
"indicator--a53d3ce9-85b1-4c64-9e08-3274926af67d",
"indicator--5a773668-2d2e-42eb-a846-459b94c819a1",
"indicator--94f2bce0-a4a9-48b1-9766-ac8e929c50c2",
"indicator--a79bcf27-4361-4301-ab7a-d9c3f6886dee",
"indicator--c88e77d8-750d-45df-9219-9d5fcb344001",
"indicator--a16e084d-69a5-4b8a-af28-3242a219814f",
"indicator--5018dd72-a0d6-4e0b-8ecb-cc786d9431ee",
"indicator--e8090d0d-6b8d-4f4f-9398-6e6ea5bf323d",
"indicator--77926f10-6d14-47df-9239-30882fdaadcc",
"indicator--8c66ec28-d3ac-4f41-887d-8d95d959839d",
"indicator--1410a39b-b8b2-48fe-9a64-1791c77826e6",
"indicator--0dc76a9b-5449-4135-8ee1-8b71f76ba192",
"indicator--8cccb91f-6340-4e21-94c6-6314d59d1892",
"indicator--4c887a69-301c-4598-a986-b99e854f11e4",
"indicator--4b1edf04-c147-45c8-91fe-b608b0576847",
"indicator--1603b793-854c-49b0-bf22-a9c1d129afb3",
"indicator--f006e272-c0c2-4834-8fa7-f23e467e760f",
"indicator--0df6cea0-6cee-4640-9fea-ca165c2c3464",
"indicator--db26b29b-46b5-4ede-a827-30df27676f46",
"indicator--2233fc39-2d52-4b76-b4af-f70ef20eda60",
"indicator--a7aa0b1c-597a-427e-872c-2945310a7c36",
"indicator--ce2c8cc4-9402-4e68-93bb-68c8e27a4118",
"indicator--832a24c1-de3c-40f8-b244-e3cd5ad38817",
"indicator--4ad4e1dd-7dba-419a-b98c-b1a8c67051d5",
"indicator--4b6e869b-443f-4e8b-acaf-eb22b33f5178",
"indicator--17caff3c-6246-408e-b1c1-54b6bdd3a979",
"indicator--fec03c15-542c-4c74-af45-f326c770a6d2",
"indicator--6deb89bf-d428-4fc9-a0ef-bc2dcb88f4e1",
"indicator--78379b8e-7895-42ea-8197-a8de8ad06660",
"indicator--e7cf4e2c-08a9-44db-9f9f-e509712aa7e7",
"indicator--3c74a814-4db5-4b77-87f9-f056d4dbbbbd",
"indicator--8ae5cf6a-df99-453c-ae46-8142abbbe3ed",
"indicator--e2d35926-7cdc-40c9-bff9-2928941af9be",
"indicator--d8e7ade4-2507-4069-bf00-1e360f176d7a",
"indicator--fe745970-772a-4e28-9004-d03b4a31c67d",
"indicator--59494401-004c-4805-a6b4-d15efc3c6c74",
"indicator--e2ba599e-07b7-4463-b541-516a2ae7fcd2",
"indicator--2460711b-3126-4a43-a42b-6abd08582509",
"indicator--137e47ee-b6cf-42bb-90e1-a8a99d10a92d",
"indicator--86bc91a3-4c10-4178-aed4-61d930fc9cf9",
"indicator--691c52f9-0fd6-4a73-ae40-aa868f40546b",
"indicator--8ff9b4a2-a9cf-45c9-b0c2-933c1c009076",
"indicator--f886bce4-eacb-4e99-85de-8ebe88c38c2f",
"indicator--d799347d-02af-4fc9-a56f-582fed62d461",
"indicator--58ea79db-b261-4528-9b7a-a62d85e27f84",
"indicator--5a201d17-337b-4f7f-a0e6-2ef71d23da34",
"indicator--d3ad1857-f39b-4218-a6e7-8d29a5338c04",
"indicator--2cf3029e-255f-43ff-9c0c-6fda843404b7",
"indicator--17130833-f0d7-4fdf-8c61-b4faa58a9d61",
"indicator--34ef788b-0327-4a40-9cc5-5b4c51369047",
"indicator--14bc5943-41e8-42c8-832f-fb83a0030ef6",
"indicator--5c36a15d-1621-4d38-b6a6-ebd23ca29553",
"indicator--594b00d4-c5b3-4086-a686-ec30ed2a1bb7",
"indicator--916bfab6-a92b-45b2-a5bd-f16a66ba6214",
"indicator--3a34a18e-56c6-4a81-9d2e-50855ccffa64",
"indicator--4bbed2dd-27bb-4ccb-a5bd-6b9a842f2e5b",
"indicator--6669c0fc-7399-4baa-ad90-34708b0879c9",
"indicator--abad086f-7325-435f-aa41-6a88129b3e22",
"indicator--bb2e642d-5444-4959-890f-37e4c80be6d5",
"indicator--3751124b-7bc7-4838-9851-bf78f022ffc2",
"indicator--4f291207-3c62-4e7c-86e6-556d6edc099f",
"indicator--4f11c69c-e5af-44d2-9d46-044287d446f2",
"indicator--83536038-c83f-4051-9ca8-ee3567162879",
"indicator--ad09fb43-3c66-44f8-b672-437949d266c3",
"indicator--bddb87b0-441d-4686-9231-ef41f3b40949",
"indicator--3f00db76-6c96-4a6b-9993-bae585317444",
"indicator--078ca1d3-de14-4396-91b8-085498866d05",
"indicator--ed4b8afa-556a-4046-98bc-912372d56f63",
"indicator--9088f1af-33be-4deb-8200-e85aca01fa55",
"indicator--da7a6336-01a8-45f9-93a4-6429089fd567",
"indicator--e4f1775b-fc7c-43ed-9c44-ed84c191d861",
"indicator--c853633b-8979-4117-bfef-d1d0c419f676",
"indicator--09dca847-1743-40ca-9578-ae6e16f1de6e",
"indicator--02bd54f6-4483-4ca6-8f66-1b9258569914",
"indicator--df5cc112-220b-4590-97f0-4c91b5108878",
"indicator--5816bc97-9eb2-4043-9fd6-0e13d909e798",
"indicator--71d4a1b7-0b14-4513-80f9-da2363060bd0",
"indicator--f24181fc-9a9d-4929-ae05-5cdfff6a0506",
"indicator--074f4ca9-f3f6-45b9-baf3-e80f10e19049",
"indicator--38120356-e54e-4e44-8d7b-a6b1606ff57b",
"indicator--0481b9f7-17c8-41c4-a73f-11beac10d856",
"indicator--e6a5323e-6a4d-40ff-b7d8-c0f2cb91801a",
"indicator--094865d0-79b5-42fc-a48d-4a079124b039",
"indicator--9105a326-b4e8-404a-8a8e-208b121ccd91",
"indicator--7d264264-99c3-48fc-a5e3-82536e063356",
"indicator--d648437d-3d48-4c22-b29f-b99f58d5dc26",
"indicator--b36f0881-cbf7-4d03-aa34-0ce9f372166f",
"indicator--a6e7ba16-fe4c-4e99-ad2b-e1a4767b46ff",
"indicator--374e5eff-8741-4abb-908f-3d7c60a6dc81",
"indicator--396af692-dd97-4164-9ace-2d3134c9270d",
"indicator--82019aa0-49c8-4117-bd46-18a888cfeb8d",
"indicator--4f528873-a9d0-4822-90c0-7db6b4f77907",
"indicator--7fce281c-b99b-4bd6-aedd-cc50f43a18e9",
"indicator--e68278fa-3d7b-4a85-bcf7-6e6957806f5f",
"indicator--5b6ff600-0d89-4f41-abbf-eda687f651d5",
"indicator--d5faeb05-85aa-4d95-8f26-a1b5025494de",
"indicator--9d0e77ea-8e8f-4fcf-8ea9-ea5d994823ce",
"indicator--4817a2f1-d041-4ee9-88ce-b29331cc029f",
"indicator--e08d4c90-c83f-4c03-9612-53dcaa75ae43",
"indicator--d347eb03-58ec-4f76-8eb4-11545fecc383",
"indicator--c4f07a21-26a5-4d0f-9d41-6f400fe35f6e",
"indicator--69dfe4a0-15fc-4e24-b872-f2736dfeca69",
"indicator--ec7535e5-e5d0-4853-9ba8-2c3a8e2ff1e1",
"indicator--deee1be5-93fc-476e-82c8-4bca3afd862e",
"indicator--c4553cd7-1c33-4905-8434-abba42d5c384",
"indicator--bcab3f17-47db-4396-8576-97474ccef51e",
"indicator--73eb3a4b-6564-4c65-9313-6ed7ae14ed3f",
"indicator--58a481b2-7a4f-4700-aefa-3e19917e7fcc",
"indicator--ca378a48-0034-4f20-bac0-f5eb34b106ec",
"indicator--e99246f6-2e78-4695-ae86-659f2a48431e",
"indicator--bf9e5427-d1a4-4e11-8306-3073094b5101",
"indicator--7856838f-d0e2-4f5c-9dcb-22b1f139f5e3",
"indicator--7561fbc3-b13d-4fa7-806d-3a14a23845a8",
"indicator--423d1e97-8663-4cd2-9afc-765f0c26d025",
"indicator--2eed8679-8fc2-41f4-a5f3-62e312687fb0",
"indicator--9b994693-ebb0-494b-b705-069459319aa1",
"indicator--ec22f7c7-2f8c-4ba7-aed6-cec3a2e59b78",
"indicator--43abee99-b5d8-49f5-99a5-5adc6b5ac1d1",
"indicator--9d644de9-e56b-4798-8564-9db5495fbc70",
"indicator--1716fb63-98f8-4f81-9e70-8354f62f4318",
"indicator--55dc07f8-34b5-4d3c-82b6-62998c61f449",
"indicator--659dafde-8390-4b76-893d-ea2e655d331e",
"indicator--6f9f2a7e-a1f6-40f0-8e1d-983969f0a0cc",
"indicator--ff2ad249-88ae-417e-b78c-cad68122c770",
"indicator--19cc65e9-5c7a-423b-94c9-587ae68c45ff",
"indicator--cf57bac3-8437-4892-8723-6b5291f142bb",
"indicator--346af9de-fb47-4afc-a53b-5cd6096a2d17",
"indicator--2fc60d7d-326b-46a6-a600-f2d9900d3bba",
"indicator--c5183af6-b043-46cd-bc5f-392b4bbfda3c",
"indicator--4dc6696f-9f55-4837-9944-405eddb6ceed",
"indicator--473016f8-1dae-4891-9c27-524f3e026f1a",
"indicator--3524d0ca-32b9-4cac-ba24-5ed8a89e28d7",
"indicator--bf76ee6b-79e6-4d5c-9d7c-27a5f9661e8d",
"indicator--715defbb-81bf-4cae-870f-251d9787b0db",
"indicator--651c3e9c-f885-431a-a976-abdac17ec305",
"indicator--fa864cc6-84c7-4172-9dbc-65e745543f7c",
"indicator--eace9a4c-6187-46d4-bc09-6ff98619e625",
"indicator--f30e0ac8-6d4a-4d20-a0e0-80cca57ea302",
"indicator--7ce7a2ec-7dc2-4453-be08-74ee4fdedb85",
"indicator--081b1df1-63f1-4dd7-9b1b-b56fda01d7aa",
"indicator--f01661a4-d293-4a07-b47f-765403708cf0",
"indicator--204bf892-a89e-4fd8-be71-47454ccebeb5",
"indicator--453403e6-dec8-4509-bcb8-d9bd337e5767",
"indicator--7d63e63d-2004-4522-99ec-97c49d4abdeb",
"indicator--d822b308-d00e-4a17-badd-15b12543640c",
"indicator--b64988fe-d0ed-4aa8-bdcd-d303b62a8f9e",
"indicator--991128d8-98b3-4d53-9235-388caeea47b2",
"indicator--e7c3c49c-e35d-47cf-b9a9-05546b4d70d3",
"indicator--d37df7aa-34c3-4556-90d5-518517f6a03b",
"indicator--1a176844-25b5-45f3-b33e-71d7d007a46e",
"indicator--73add41b-cdc4-4f4c-bb8a-bc8d96820003",
"indicator--7d2f9e5b-e330-4fe8-acc8-029a407f0cfe",
"indicator--cfdd50f4-b2c8-417b-b94d-630e8c20c6eb",
"indicator--1c455b52-f9cb-42b0-a889-27a7c5387530",
"indicator--23735464-e737-41cb-9ee4-3e7e0016163f",
"indicator--eb5dd8bf-ccb0-46c3-ba7e-9a4a4477ed7a",
"indicator--f290572d-ed9d-4bef-969b-d23615919a1d",
"indicator--f78188cd-db76-4496-b9e9-fd62b29fcd93",
"indicator--e686e9ec-4fc1-4a16-af71-03658e39e680",
"indicator--0e9fa37d-53a7-46da-a3f0-e7735b5c59cd",
"indicator--44df2d3c-0933-4135-b3b8-06cb457dfdbb",
"indicator--f34398d9-1ee3-4ccc-a384-79bb1021ec90",
"indicator--65b486c3-e2d8-4e3e-9db3-e7ddc2b97f09",
"indicator--e8330264-7dc6-4626-ab7b-af151fd09864",
"indicator--31751d1d-b3c4-497b-82ec-467c1acaf539",
"indicator--eaaa620f-3d0b-43e4-968a-4bf3e26af0b9",
"indicator--8d204451-724c-4aba-bb11-a7dae13fc152",
"indicator--a75ec48b-6cbd-4dac-baf0-9d1e0d6eafc4",
"indicator--fcc62b2a-1029-4691-be31-8ca062fd7117",
"indicator--9353295a-0d35-43d6-99bc-69aec5fac20c",
"indicator--2dd90747-4d56-452b-8cbf-1171d2b5aad5",
"indicator--666ba981-fa78-4251-ad5f-d74b062fc859",
"indicator--1b313f50-fb51-42dd-82af-29a0be25f0f1",
"indicator--6a12b651-7882-4e92-96fb-e76921172edf",
"indicator--cfa6413a-8819-4c2f-bfda-5b5423410a33",
"indicator--90c0c67f-dabe-4101-b9a6-a169b1480cce",
"indicator--1c8f26b6-d746-4d33-a10e-471507effc54",
"indicator--5eb51362-d855-45fd-8318-03eb88d940b6",
"indicator--4f1ed871-98b4-4bb4-9841-99b709729026",
"indicator--101715d9-c626-4b74-b86c-b2e6610c4d46",
"indicator--232bee2f-44d6-4360-9845-c4fdca9ff9d3",
"indicator--ac215c5a-0d02-4417-a7e2-362e246ea86d",
"indicator--563c40d7-0243-4126-9239-9a94fd5a3b92",
"indicator--dce4ec6c-6c27-401e-b36c-6eb476727524",
"indicator--53c5eb1d-77d0-445e-9cec-b36a463399ab",
"indicator--db10e884-4af3-4c35-918b-240d5d779c51",
"indicator--15f88af0-84f5-4073-bdea-f6a29b07bc8d",
"indicator--de7e8750-89ea-45f4-aae9-fe213eacad5a",
"indicator--2bf845f6-35f3-40ad-8067-98fbddf1ee2a",
"indicator--c40c1146-e62d-472a-9a3c-f28bd39836ed",
"indicator--bd125b41-a433-4666-be4a-a5fc58400777",
"indicator--c0121496-01ed-4c90-a827-7d7b35a812e8",
"indicator--12c8056e-610a-4d47-8666-a9558bc3236e",
"indicator--60e3e725-a65e-49cd-a610-291f9a436457",
"indicator--78371961-fcf3-4bb2-ba3e-10e579852978",
"indicator--80abe23a-84fe-4d74-8575-21f21c7e3c16",
"indicator--2d42ac0d-4a37-4dd0-9770-905fd6dc489c",
"indicator--1e546e3a-9a3b-4d44-8138-07c29463c0e1",
"indicator--c0c07d30-5645-4495-9c54-9c2d4e996058",
"indicator--9a827bfa-4c3a-421d-991b-c5d51a5190d4",
"indicator--86ccd931-1620-4660-b5b6-dc8ca36c9ddd",
"indicator--667c1b81-2fc4-4c7f-a63e-d66df83f6818",
"indicator--5fbea045-a8cf-4a36-bd51-6ca90e344123",
"indicator--30e6ea20-95a6-4a2d-88b8-6caad185973f",
"indicator--28187ddf-21ae-455d-bf2a-3d2fe4ee24c1",
"indicator--d39d042a-112a-41c5-80ba-817726d07e5d",
"indicator--e1bfd63d-7aa9-43fc-a8f4-54d336bed3a2",
"indicator--d33df106-a467-4d77-b3ec-317b991f21a2",
"indicator--b99b4908-9f61-479b-a35f-efeb8242bd0e",
"indicator--bc088d81-c1e5-421a-b531-62e91d9fcdf1",
"indicator--1d058681-599e-41f0-bcec-e1368fab21b4",
"indicator--931a7243-1929-42d0-9b29-df6e380e9ce2",
"indicator--cfb8fe87-bfb9-46fb-a781-b2175b79aeb1",
"indicator--520a0a16-b44d-4750-a7d1-ab941604554c",
"indicator--025f5a22-f099-43a5-bc92-1fcde0856cdc",
"indicator--93b8e4c8-e232-4caa-88d9-f07241933d58",
"indicator--6a70f787-fd3f-4450-917a-921a436f13fc",
"indicator--8c211bfc-260f-493d-ad46-5f99e745a6e1",
"indicator--a9956620-4c2c-4f3e-9463-e7de943e709e",
"indicator--29cb7525-70e3-4ea4-ae3d-8715617086b7",
"indicator--e02b77a3-f9bf-460e-bae2-0036ac99b46f",
"indicator--c0cb10b1-1cb8-450e-8f42-e2b53d18a602",
"indicator--d758e0ca-578c-4080-b412-bf8c4d7265d1",
"indicator--33779627-a9bd-45b3-af49-c4786b0dd249",
"indicator--fdd814fe-b941-4f96-b12b-f81288a1b9e2",
"indicator--7f4a7731-40bb-4e5c-a605-5fe897a962bd",
"indicator--559306d0-8bbe-45ed-91ed-97c94f062ba1",
"indicator--0bbabe30-a13f-4eeb-aca7-180263a73d7a",
"indicator--d231608f-a3f2-4ff8-bc99-1e8bccceb430",
"indicator--d7e2f2de-d3be-4fd8-817e-e80686513725",
"indicator--d1519426-da7a-4649-bbfb-f12074cf7e5d",
"indicator--eab394df-c70b-481a-a687-6e48d7a21729",
"indicator--e5b5aa67-b3d9-4c75-b400-52bd1fe70fdb",
"indicator--6d2b0d30-9ad1-4c4e-b52e-5e1c26baf9e0",
"indicator--e1424895-44d3-436a-a4ea-70857fae375c",
"indicator--94e129e6-a1a9-44f3-a24e-ccd1efb7b0cc",
"indicator--57b868b6-b386-4b11-b22c-1081f1fdff16",
"indicator--e3c3fb90-3dde-4eac-9559-6b9f4dc67746",
"indicator--d39d3e6c-436e-4a60-aad9-74101a108c58",
"indicator--98edfbbe-4652-4691-85ee-d2259dc5d05b",
"indicator--e46d5a41-13be-431f-a5d8-f6a7df0375cc",
"indicator--832aafce-76c4-46a8-b53d-1b6f77e5d1a9",
"indicator--2a333f2d-e86b-4276-8458-8012b339bec2",
"indicator--a528a32e-fbb9-450d-9f54-27cb8b768107",
"indicator--f7331170-da7c-4c3a-9786-cf12b4758881",
"indicator--cfa1786e-82d0-4458-b699-e016124d92ca",
"indicator--64e55761-de06-4d51-9743-3554247bc1f9",
"indicator--a2151919-a80b-474b-8c7a-85e2f746a08d",
"indicator--ec4357c1-7861-4638-939c-aa33338fc838",
"indicator--c1d32eca-f002-4fb1-80e8-52c5a90f6144",
"indicator--663e3c6d-9934-4d10-8fd5-f6ecddeece05",
"indicator--1ff43d5e-3bfa-4470-9cd3-9d0c401b0607",
"indicator--cd709162-817c-4ed1-aeca-c83ae8e8fd38",
"indicator--60680557-853b-4b45-bb62-d3469d75e1e2",
"indicator--793fc384-8ea0-4908-9e1a-9c1795c29115",
"indicator--6edf6335-57a1-45d1-82df-bbc722fe58cd",
"indicator--6674dc55-11e2-47e8-b618-6b92cac35b2c",
"indicator--01f134ff-93a6-4dd1-9d47-46e625abf86c",
"indicator--40b84471-a00d-4df3-8964-2733b8933c19",
"indicator--ed5ad7cb-661f-4d61-9ab4-80c297897393",
"indicator--8f81b80b-c8b5-4c8a-ab20-591e3183b0d2",
"indicator--61b0b444-6db4-456d-bde3-603499b0845b",
"indicator--fe37311d-9d49-48e7-ba13-877e35e4f79f",
"indicator--678d51a4-3762-4c71-84f4-2672199284e0",
"indicator--4459df64-34ea-4f8a-bf6b-b1b99186667f",
"indicator--550f9a96-da90-4818-a434-283d73cb4d93",
"indicator--444d1992-bf21-4c47-bc82-a95588e60b5d",
"indicator--66a91d3f-c8f3-4c27-a906-74520bf768d3",
"indicator--05e52def-b366-4197-8598-470cfdef08f4",
"indicator--805256df-acb9-40ee-a2d6-62cd59be403a",
"indicator--f50776ed-df1e-4fb9-bbe9-da708ee0b367",
"indicator--bb77aca1-57ba-4554-a7d9-c02113a86848",
"indicator--a78d3912-f892-434e-bb04-f5c8e20badd4",
"indicator--9e50b8d3-955f-4951-9760-c88c20702b92",
"indicator--6821bca8-87a6-4416-83bf-e8d2a36839f7",
"indicator--b4eb713f-4ee7-4fd1-a44a-21a8832b5827",
"indicator--768cb876-c400-4ac0-88a7-8c604ad72cf9",
"indicator--4b77aa0a-33fe-46e8-973b-0590c964d75c",
"indicator--bd2707fc-6913-4ef6-aa60-1bbd9edf8f47",
"indicator--7c8d94be-76d8-4cc4-b338-74e28ec2fbb7",
"indicator--5994f579-8694-45c4-a294-b58fe80ac1ac",
"indicator--27e7ba1a-4ea5-4ad4-80f3-3a25e0bd06b3",
"indicator--eba5f8c4-7e80-466b-8de9-9c352d6739a8",
"indicator--8dcb8ad8-786f-4581-950c-f2806a2c6b64",
"indicator--b23ffdfd-6974-42f5-8508-17e4283a4fd7",
"indicator--cb499764-a7fb-48c2-896a-ea28decb87f2",
"indicator--bd9f489d-127d-480d-a30f-3f7235c65487",
"indicator--ed7889b2-5cfa-44c3-b210-1c4be9c775f1",
"indicator--0de3b2c9-f535-4b26-88fc-8e307c8d557b",
"indicator--1161d3ca-9e47-4ef8-9b18-8eb4a8de8870",
"indicator--11689be3-7298-4c4b-8351-b665b8617d68",
"indicator--7d679d15-0ecd-4b22-a75e-f01f239e2ee5",
"indicator--2a23420d-0f31-421a-8d79-2cd13cbfeec9",
"indicator--d42c54ca-ce56-4434-8084-160986c9a052",
"indicator--7da3c695-697b-433a-b0bc-203d47ff5244",
"indicator--f68b2b92-3aee-4e5f-a254-242496f659f1",
"indicator--b21f3008-ae7f-4902-9a57-6cbc0a24e764",
"indicator--fb736483-f6e8-4681-8c13-76a380f984c5",
"indicator--16ba4692-c233-4342-82d5-1f229dd79dd9",
"indicator--51faf74d-e069-43fb-8c3f-395e339fe27c",
"indicator--57fe0a24-c828-49b9-9ea8-6baa6a4244db",
"indicator--0c10771a-832f-4350-bfb8-2e4962bdacf8",
"indicator--11a9b038-021d-456c-9116-e35391361bb6",
"indicator--16642aa3-ceec-4052-92b4-262d87a58b8f",
"indicator--f58ee338-6577-44d8-b8fd-98aec4709acf",
"indicator--df7b626b-e544-498f-8853-1dfc285e30da",
"indicator--45b24f50-9640-4124-a2e1-69e844bdfd21",
"indicator--d43e4eb8-db39-4aa8-80c1-0173aafda6d9",
"indicator--c2cdfd44-c0c7-4529-8faa-bbb4f3c491f4",
"indicator--f94b4117-de69-4ea9-adf2-cbadaeaf0f2c",
"indicator--91e5ee30-b498-4531-a7e6-71aeaab14a39",
"indicator--d324a5b3-a3e9-4786-bc0f-13b55c8f5587",
"indicator--52e91e2c-e944-4539-88bd-c358c4f03a28",
"indicator--d5c088a0-ad0d-436e-a92d-22deee1fde0f",
"indicator--e53e2ade-4a97-4548-bdf2-4bae3dac3339",
"indicator--211e31d1-8b79-4c19-bca9-9ba1fdcf8542",
"indicator--623c7b2e-65d0-4198-99c2-acdfdc0d9874",
"indicator--139b93a6-778a-43aa-993b-49f1501cca87",
"indicator--fe97bbce-5f25-4f41-bfe1-3cbe4fc6a314",
"indicator--58bd644d-7194-477b-9869-3b69f0b99783",
"indicator--47d9c81b-8e50-42e0-95e8-d203670f533f",
"indicator--46f354af-ef38-481b-a012-ea02daa38a36",
"indicator--90e80484-ffd2-41e1-a714-af55bd8f72ce",
"indicator--fc34e69a-35a2-4dc1-a362-416b919fa1e6",
"indicator--0454d2fc-d7fc-47ad-b003-104ecf362a60",
"indicator--a6a9e0ca-eecc-4ef5-bdd1-70aa0bb23797",
"indicator--813d655d-2f68-463d-8db2-aeda7ea2795f",
"indicator--4d59a0a3-fd1e-45c1-b180-eeb976d36128",
"indicator--1f3e1045-6c03-44fd-ab75-3d22eda1fc84",
"indicator--7deab300-5889-44d4-b620-430d601567cc",
"indicator--afe60a98-4a2a-4207-8970-af078d50b75f",
"indicator--4c643159-f961-44c7-8bbf-14a56d759948",
"indicator--685f83db-0664-4dd1-a602-f878e18194d7",
"indicator--cdbd3d20-0679-4611-88de-bf91124e2b0e",
"indicator--41031aea-16de-48b3-8c5c-1f50dc642e1a",
"indicator--6d2af61e-9fa2-4050-8b1f-eac471b1cf76",
"indicator--929e40b1-189a-48b6-8c67-e836d69f0d51",
"indicator--7d70b840-9c70-4e75-9fdb-9ea40ed05272",
"indicator--a3e75f42-94a3-4b95-973a-d35a629bdd09",
"indicator--0d473ad5-15a0-4fea-adb6-66da7578a996",
"indicator--0e1e9fb7-c770-4de0-b2c0-778adbcc9c8b",
"indicator--8071f7cc-8b24-4e2c-b0bd-7a91e8c800a5",
"indicator--621bab0a-96bb-4c5d-a75a-dd35f8d930e1",
"indicator--5fb279df-a515-42cc-a983-cf085d3d5c64",
"indicator--a52d5a50-846b-45f5-91bb-e2b384e0fd12",
"indicator--a8a8510c-702f-490c-8c8a-0fc9d2c2b9a8",
"indicator--2ef05e4b-25c8-4b9d-8922-cdbcdf1fbacb",
"indicator--9873e412-a2a0-4816-9e37-a90e7fe5fcea",
"indicator--ca4d2f60-91e8-443a-bc6e-2627ff23388c",
"indicator--8e08713f-eb38-42f3-a3bd-67da99181af6",
"indicator--47d2b586-c5f7-4c25-b099-79f90f61643c",
"indicator--e4f48e4d-6ba4-4bb0-8308-df32c5afbb37",
"indicator--fb3a4788-6618-4370-9940-6b0371e676bb",
"indicator--869cdf27-8d7a-42c0-a98a-4eecec2189ee",
"indicator--adf03e03-9e26-4b8f-87f5-462d7f6e77f3",
"indicator--305681b7-1593-4cce-b6c1-956b09f958a4",
"indicator--d52f96a5-03a7-44d2-8dfa-619e6b12cb19",
"indicator--f3bb6b21-1b96-4d6f-b38d-1fe6240e8442",
"indicator--731a9ba4-2b4a-4e59-825f-2911ca9e4eba",
"indicator--63d9e819-3b93-44a5-8586-e84e5ad4e803",
"indicator--52c74372-adca-4dd2-896a-2b84038305c4",
"indicator--ac96ab98-6f8d-4f8a-b5f4-762e8df25f42",
"indicator--6f1822e5-5bd4-4e66-8a21-85ef764532a4",
"indicator--4474ad30-50f4-4d45-8a51-5998c3c15024",
"indicator--7d8c2ce5-be2b-41bc-84d6-91bf2aed1049",
"indicator--ce6e827f-b74c-485c-ab5e-682410722989",
"indicator--0081421f-0c69-4698-ac65-e2215221a186",
"indicator--d0d161d3-6f52-4944-9a17-a43cab7019b2",
"indicator--99c8fc4c-0ec2-44c2-b274-7df9679bea42",
"indicator--7f8c3cf6-2ea4-44c1-83ef-600249d3b787",
"indicator--3d7b6419-aa38-48df-9de1-c42874bb8a64",
"indicator--052a8642-bedd-4a68-a476-834f8a378483",
"indicator--2c508a6d-820b-4933-b3c5-7664dd523c03",
"indicator--58202576-999c-4e08-a66e-ca9467307584",
"indicator--664001c0-fcdb-4e7e-ada7-7f7a18cc7972",
"indicator--c73261cd-9b36-40bc-8287-5f8cf2df9815",
"indicator--ab2cf133-c668-4d6f-b9c5-4b6b46af071e",
"indicator--73079bfc-43b2-4537-a5c8-6801186612a3",
"indicator--7e02e77f-d4bb-490c-97af-9e74dc58602e",
"indicator--9a9d4570-23d5-44a4-9a83-3add35e82b56",
"indicator--de815eca-692b-4413-8e34-6b2ed8180554",
"indicator--588feee7-3239-47da-9784-3eb05b890e49",
"indicator--bfdf020c-cb8f-43f0-805c-6908186914a7",
"indicator--139c2fbe-6d07-411c-bcc6-d2d2a4fb8f7c",
"indicator--9a86735b-a173-4922-8bb8-24885c4d1d0b",
"indicator--722ef40a-180a-412f-80be-70e9637a661f",
"indicator--4c277352-eef6-4e19-ba47-3b0c2129d526",
"indicator--cb7ecadd-9371-4d57-a3e9-ccea587b782d",
"indicator--2cf9fd1f-16d2-4dfb-b4c4-8f9dfba14fa7",
"indicator--55bce62b-7e0c-4095-8391-feb345129b08",
"indicator--80513541-1b45-476d-b682-5f4963b4263f",
"indicator--b58e4c05-e6ce-4b85-9536-803c1e82ac3f",
"indicator--c5f48c44-0303-441a-829a-23d4e3f0e5b2",
"indicator--91018f68-ef2d-4136-9fc4-bd57281bb3a6",
"indicator--426bdded-810c-4b10-9d9f-56ad31d748d5",
"indicator--ed7d60ac-b0da-4bd9-bc0c-109e0cd84ee1",
"indicator--074ca386-1168-4e23-bafb-1bc9efbec0e2",
"indicator--ab89fafe-ca23-48c9-9961-38c174eba684",
"indicator--48b6fc2e-b0a7-49e1-a11d-488cfac3fc45",
"indicator--7fe5630a-629b-437a-bb3b-33ad45d7b32d",
"indicator--486aca7d-ac21-4652-93f9-03a0c81055b9",
"indicator--a081a9b0-d467-4ab1-8725-8e37a8b59d03",
"indicator--feddd7b3-40ac-4b06-b67c-4e9341ab59ed",
"indicator--7293d7b9-dbdb-4036-be85-52c7fee10971",
"indicator--2f0e5e21-40aa-46e7-b900-67d9e69ef6b0",
"indicator--94650e50-9b96-4450-94c2-bb26de0e6475",
"indicator--1e8c3f16-fa58-4367-a5bb-717c4bcf77b1",
"indicator--f252d915-9a9e-4ec2-97b7-74210f4ee35b",
"indicator--d1a5d389-4af3-4e9e-b82e-beb22ef99166",
"indicator--5c46689e-6ca9-44ae-a3d9-9ea673d5b59c",
"indicator--48a2bb33-1526-44e5-9729-e74947c89adb",
"indicator--dda29bde-875d-4df8-8680-bf92ac3358c3",
"indicator--a02d0951-857d-4c9c-a85b-b27afa1a326c",
"indicator--4f903db3-1e9b-4ea8-8347-1d31e0630941",
"indicator--e9baebdf-b8f1-48e2-a404-6fb716504d55",
"indicator--3714cca2-bb06-468c-bd6c-e378c9c4838a",
"indicator--a5adc2d2-3a10-4c5c-a09e-0c7c256cb346",
"indicator--4547bd10-4f52-4041-97dc-3f9e74b31e8d",
"indicator--e063315b-c74e-4691-a0eb-eb43b27bff7d",
"indicator--1d196404-c795-428b-884e-42f9c05a7a6d",
"indicator--ead7fd4b-462b-43a9-ac33-44d497382616",
"indicator--b1c65932-9b13-4ac7-81ca-430808b2b40c",
"indicator--e96b6509-4a80-4bc5-8d10-8f3a363f5ef9",
"indicator--956c6821-f28b-4c6e-9f0b-ae9a38a79b58",
"indicator--aee65842-ce85-4b31-b1ec-688f85f1ddb6",
"indicator--872c25e6-3cb9-4b9e-bf25-95f58e227965",
"indicator--0c6fc4fc-9187-4f1b-9715-f2abdd57b208",
"indicator--37cc168d-1788-455f-a8c1-7e17568a4fa6",
"indicator--d8376f7a-b4da-4c5d-a3fb-962a96339881",
"indicator--90446a0d-a2d6-46e8-971a-62a6055b07f2",
"indicator--a5c3d4e8-d8c0-494a-a144-77c7b37972a4",
"indicator--9cdc7015-a55d-4334-8c32-c598a22ab438",
"indicator--9660fc9f-e33f-44e3-94f3-22f04abe0666",
"indicator--c0a2f21f-7352-4ea1-838a-e606f7605d0b",
"indicator--a52c45bd-c5eb-43ba-9d2d-84ba9ddd51c3",
"indicator--27c74fb0-4aee-43b1-9252-133028a1345d",
"indicator--0c64147b-9619-47d0-bca6-c90e5a6580fd",
"indicator--acbefccc-a528-4992-bb70-9e9b821c4ed7",
"indicator--1a92a0da-0120-40fc-9332-d59ead20b69d",
"indicator--684f29c3-752c-4b24-ba77-512f39c8fb14",
"indicator--979484b6-b79d-4685-80cc-cdd261feff30",
"indicator--d549affc-71e5-48aa-b70f-7efbfa7275b7",
"indicator--45a67e07-00aa-4f91-9fb9-da75fcc5c84d",
"indicator--204d52a7-4d7c-4006-9486-cbd2ee80e7e0",
"indicator--6d89de36-14a5-4575-aa46-fc2ed48586a2",
"indicator--be9f1ffb-ebec-4518-a10e-c4d39b08aec8",
"indicator--c4fd06f0-507b-4cb4-a847-a2f62b36b5e4",
"indicator--b1ca6ad5-1621-459e-8bbd-56dc8cb35884",
"indicator--b44d768b-f18e-4863-bc1a-7bb691603ecb",
"indicator--071d3271-d1e3-44c7-a225-5b65d58a6121",
"indicator--b215cdda-6e59-45fc-a809-9f31885e2c85",
"indicator--e9acee9b-73ce-4edc-b87d-dbfb868983e7",
"indicator--8303e380-a3e6-41a2-9a5c-3d8eb323d5c4",
"indicator--70b269e6-7f30-4f3a-97dc-9ff6b280bc71",
"indicator--fd2bc81e-9e75-4368-94d0-f6a911df5646",
"indicator--810021c8-7eb2-421d-9350-a6f48a72c0ec",
"indicator--1cd8c137-70a9-4348-9cdc-abfc35a38fda",
"indicator--71c61c1c-3dc2-4eeb-aaab-46d2c1073983",
"indicator--f92b9bdf-c6e8-4c91-9421-3c5e69aed1f5",
"indicator--788ae963-f7f0-4f37-b74d-ff477b5bccc7",
"indicator--1a4903b0-74a4-4823-976a-133ba9f07568",
"indicator--b87c2a0e-abaa-41c7-8c0c-bbcaacc74786",
"indicator--3cb0f50f-ff4b-4018-985b-93b9267d8e14",
"indicator--5446a3b9-7d9d-4e88-a443-4c88c94033d9",
"indicator--bbf84a52-57e7-4110-82bc-9bd5af261b80",
"indicator--1b272ad8-393f-4c34-a0cd-c1dab386dd8e",
"indicator--d9d77028-6481-4b3b-88c0-b827912be67d",
"indicator--d755ef2d-818c-45ee-b562-2b590512c54c",
"indicator--8f522b81-e503-40c5-9007-ad3236921f7e",
"indicator--5f7a7f21-7e96-4977-af40-d93e55a3f2bc",
"indicator--e539415b-f106-4a80-a7a1-69c3e4a2cdc0",
"indicator--f0ed8a46-b2cc-4913-8603-d1416e3124c8",
"indicator--38d4d672-9247-4486-9e30-005a3fcf5c83",
"indicator--ce67d736-5284-4bba-bb2f-ba944d9de34f",
"indicator--6ad4c824-c912-4ded-8ac2-8de044be5820",
"indicator--f0ff5e0b-b91b-4457-be9a-d58ad59dbc52",
"indicator--c2d3d3a7-bea6-4764-8a8a-4cc76e978eb9",
"indicator--006539e9-b7ff-4b2a-b532-434c54beab20",
"indicator--097a14f3-d53e-4bd5-a7c2-22e4890c01ac",
"indicator--615dd3fc-1b96-458e-a12c-37eb89913f37",
"indicator--da33c833-7ac9-4026-9c42-10f9f39d1f01",
"indicator--b6dbe99e-e47c-46bf-84c2-0c0eb0abb5d4",
"indicator--f110959e-280f-4745-a4d0-b0362515a6b2",
"indicator--7d8d7c43-7326-4c80-9be4-bb9a18f3b9e6",
"indicator--f91b7daa-8c3e-4b48-8ff0-44e2aeefa5e2",
"indicator--517cc8a1-99a3-4f89-8958-261ff1ee8444",
"indicator--f5e38e41-a7d6-454a-a3b4-e9c270bd93b3",
"indicator--6e4088fa-ffd0-4d53-a5a4-3c4173ea4e53",
"indicator--a7cf579c-9188-42bf-bbb5-0ae04286b233",
"indicator--fb9915a1-7185-404e-85ce-b0abbe9ea5b6",
"indicator--1b1ec922-bb6c-4281-9fab-b7e6a9c6e105",
"indicator--a720adea-68e4-4180-810c-90c32b5c9805",
"indicator--3b305e06-332c-483b-8cb9-75d5b007a6c5",
"indicator--d4adf3c4-5544-40cf-af65-9cc0fbae427d",
"indicator--23d2f92b-bffd-43c5-9a29-fdb881e668d9",
"indicator--cb1dba3a-c318-48d9-a5f0-672a6142483a",
"indicator--1eb8fda3-af70-4d2d-ba2c-ce43b33076cf",
"indicator--89ba2364-c018-43c3-b3d6-9465373608a5",
"indicator--aba7b7ac-aaf2-40df-b3ba-ebb8459dc139",
"indicator--06b2d2d1-1a44-4035-8a23-7c07e2c069dc",
"indicator--91b5acd0-5276-4a80-91af-64eda21f1c69",
"indicator--e4f5a765-1071-4188-8f14-d77164af4ffd",
"indicator--b6f071b4-9faa-48c0-a4d5-c8b198c41035",
"indicator--b002b075-acd1-4a69-98fb-7ea6c452c605",
"indicator--b73a6d09-88c8-4e05-b821-ef37909ddf73",
"indicator--ba125c9e-2ff5-45aa-82ce-b6d841780c48",
"indicator--1d2783d6-186d-4569-80ca-2aff7570543a",
"indicator--0f72624f-9488-40e1-9a43-eee994a678ff",
"indicator--de50941b-591e-40a7-845d-943d2e3b8d08",
"indicator--89137238-d259-4cf0-a745-5a651a889542",
"indicator--88d23225-bc49-451a-b176-608b8fc566b3",
"indicator--de5daa9d-c9f6-4318-8e35-ade0ce398691",
"indicator--b7778c33-9f80-4f40-a2b9-cf99dc974fb6",
"indicator--08ae595d-d17d-4db6-8496-fe3e0d20116b",
"indicator--884e9310-3073-49af-a701-0c6b010c87b7",
"indicator--f4ed2826-e5b6-4382-96fe-44e036874b0b",
"indicator--a318beeb-76c8-4c0e-9eae-df7f0398121c",
"indicator--475f2fed-6801-4c84-b832-61a8c68b738a",
"indicator--e5235d09-17d7-43ce-a59c-fa5a890416e7",
"indicator--17ed1135-39e9-46ab-bda6-bcff74bd0a93",
"indicator--bbc57c77-b47d-4b94-a26a-c2e9d5c39bff",
"indicator--17630d26-07e3-446d-972f-6364fade7538",
"indicator--e9bdcd88-80c6-4be6-b303-00c2868e059a",
"indicator--c008bef0-3ddc-4e63-a932-fb8b5b9bd01d",
"indicator--6d2775d6-eac4-41dd-8517-caafa5ea7658",
"indicator--b76e3f38-baaf-4c6a-bfed-404f7e2b7435",
"indicator--4eeeaf29-d8ae-4359-bd3f-048c9a29b5c6",
"indicator--fd28b251-9ded-4bab-9745-2d20a739960a",
"indicator--985fd7df-7571-4143-8cbf-2d0536db86a1",
"indicator--c49284f2-1a76-4645-8dc2-6aff5cc9d63e",
"indicator--ca15d6f8-5f1d-4db2-a17f-19926f39e98f",
"indicator--208c86ec-a91c-4dbe-bee7-9652e6835732",
"indicator--dbc7dd18-3326-41ea-982c-f0d416a21255",
"indicator--28b5e5a7-2ac2-4861-977b-ed1c0dcc2da3",
"indicator--7b04c799-8570-4bab-a74c-c1dffcfe37a7",
"indicator--4ca690b1-7419-49a8-a65f-dd6072251f2a",
"indicator--644f81bb-e2a7-4137-a30c-437bcecd1f0f",
"indicator--7c70fd92-f5e2-4613-8824-ed74a48c9d8f",
"indicator--d0f26fce-0dd4-4a0c-99a4-10618fa2b26f",
"indicator--bfc33296-68d5-4eb6-beb9-1d865e234025",
"indicator--f51685b9-a489-4993-9613-de2d03bd6816",
"indicator--8c7bdd36-0627-4c37-a435-1fbbf1162f2c",
"indicator--a2d2fcb5-6b34-4d54-8b04-9fabbfbd6149",
"indicator--ed3c68c2-6d19-4049-9961-12d2599897e2",
"indicator--6e441a81-ee31-4860-8a81-d4b08f22dceb",
"indicator--762f10f7-3971-457b-940c-83c1d1193fe0",
"indicator--e8dc8ee5-0d45-407f-8551-3d963069b21e",
"indicator--28463522-cc81-4449-99b4-b551fafde025",
"indicator--f59f1505-0121-40cd-898a-1f8d427c58ca",
"indicator--aacb93bb-f016-48b8-805a-215071b79d8d",
"indicator--24a78a46-c62f-4db7-bc51-da3ecb63c132",
"indicator--e4eb8cac-c559-423a-b7f0-fe8bf8a1c968",
"indicator--30491460-8f38-4f08-b3af-f7ad2ccad22b",
"indicator--efca9c88-5f11-4476-b077-cb88e4bcf439",
"indicator--89061fc6-d6df-40e6-b42a-fe331aae7846",
"indicator--464c0dd4-8f73-49d4-bbc0-668530c591ed",
"indicator--d5637cfd-be56-45ec-b7aa-9347dafced9f",
"indicator--2632774a-ab58-4721-8b13-cf3a60dd94bd",
"indicator--1c79a06a-341f-40ac-a4ec-4ce038e5c570",
"indicator--a53054a6-89f8-4669-9171-a515c953bf2c",
"indicator--730fc1ff-d3fd-4d2c-918c-81651fe73cad",
"indicator--c0defbe9-cbad-45dd-b69a-181cf2c087a1",
"indicator--ee26e7cf-6cad-49b1-9398-15821cfd3b44",
"indicator--9554c946-5cac-4141-ab97-b21ae9f655bd",
"indicator--1ed074ca-aae2-48a1-bd4a-f5f8786a3797",
"indicator--344c98db-e12f-4be7-b188-d6b3f7c69558",
"indicator--4ef74f12-ea35-411b-9c17-3c38ee3a9579",
"indicator--05ace2a0-9143-405e-beb4-95d7d857591f",
"indicator--0d71ca35-32ae-4b97-9529-b9aa16b45d27",
"indicator--a49de51a-acaa-4a89-bb36-f7621a927fa2",
"indicator--872de921-cd8f-43ad-8a4c-53bc0c204b5c",
"indicator--e2989b68-2f31-4e38-849d-872141c579cc",
"indicator--424eb2a5-736f-4503-82c6-b535be0a4d33",
"indicator--ea366536-2416-4c67-a8f8-3c901a3b2f0f",
"indicator--a1e4d60d-d6a6-4359-822d-a913830e62b7",
"indicator--8746ce89-fd0a-4eed-8b41-12dcd06fa9a1",
"indicator--e9ab5eee-7afd-4d91-ad83-74c5cb9b8444",
"indicator--c9cbbbc5-5131-477f-9f21-f3dfc7a1961e",
"indicator--b4be06bc-9557-4d0d-b9dc-92b1453aead7",
"indicator--0f305a79-9076-481c-b53e-046fa99b73e4",
"indicator--5244a2eb-71c3-4569-a641-37e0a3ff7de7",
"indicator--cda11a3e-1cc4-4154-8412-7b400f00a65d",
"indicator--1ed4b8a2-1cd0-4a94-9c2f-c7f970f79f01",
"indicator--5943b137-bdb9-4f34-acd9-0d8511918c0d",
"observed-data--d321245f-dae2-4499-8c18-c35002fffa36",
"url--d321245f-dae2-4499-8c18-c35002fffa36"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"misp-galaxy:ransomware=\"Ryuk ransomware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e510cf4-0a8b-40bb-b87d-84b5bb069de5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'updatemanagir.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b79abda0-8991-44d2-80b9-01ae6e139015",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'cmdupdatewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8029ea29-849e-4296-acc8-e04fc939c9ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'scrservallinst.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00470e52-9e40-4b33-8fbf-cf1a2a15cef7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'winsystemupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7f03305-111e-4039-81f4-8a883fae581f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'jomamba.best']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb42dd19-4a0d-4f38-b5ed-aa4a02a10447",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'updatewinlsass.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1668e9be-e479-492b-a9f6-c9809c9d8516",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'winsysteminfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c59fc97a-34ba-49db-98c5-0e7b86739150",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'livecheckpointsrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e49f8c80-7a38-4181-9891-75fcc0eaec25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'ciscocheckapi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51178cad-6faa-418b-86e3-1679f64ec108",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'timesshifts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb0ee1c3-3e0b-44d7-891d-5c3382d046a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'cylenceprotect.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbc8a1e5-9390-40f6-9c1a-1fcd62ab7742",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'sophosdefence.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aef5fcd8-349b-40e0-bbf3-d64ad63e7b4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'taskshedulewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be6fe921-a05c-42b3-a4e4-7df07a79f208",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'windefenceinfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad01529e-aaaf-47db-bb7e-e0979e8158a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:54.000Z",
"modified": "2020-10-29T17:39:54.000Z",
"pattern": "[domain-name:value = 'lsasswininfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9fd10fb4-99a0-403e-aca8-43272b2db140",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'update-wind.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d21d45a-98cd-4912-b0f9-b2e2b425ef53",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'lsassupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd5c742f-cf37-434e-ada2-83a8304efa59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'renovatesystem.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--31829be6-f86e-40d7-a62e-a6650c38af17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'updatewinsoftr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8d00cfbc-906c-4e10-9c30-4059122e44f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'cleardefencewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b5de8771-cbc7-4d84-863a-8a13ecbb0c7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'checkwinupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9607f014-e703-47b3-91a8-638fe1963433",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'havesetup.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9255ec3-f159-4117-8aad-22125bdade7f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'update-wins.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53eeaa71-0322-4a27-9c77-74b9f9be932d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'conhostservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0999aad-5a2b-4be2-b1b4-4ebaa9d153c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'microsoftupdateswin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--396083a5-6709-49a7-8da4-af9ab0518b21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'iexploreservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0518e865-cb65-491f-9a6f-8c19692f9fa5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'avrenew.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce0abd7a-c23f-4db1-946e-1056e7616ab2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'target-support.online']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--721db859-6c01-40c8-96c5-8da9ad5e8fa9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'web-analysis.live']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fed2f4d7-b8f7-4e8a-921f-6f4458b4f9a0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'freeallsafe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8465c022-87fa-4d2d-92fe-2e863899f4a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'windefens.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78d4f999-2916-4b0b-910e-452cfa77ccd3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'defenswin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5ef8640-e988-4c92-bf42-3870270eeba4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'easytus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f331f07-89b9-43ea-9785-ea30416d5358",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'greattus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cae10b32-1fcf-4610-931c-020e72922680",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'livetus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e0bb93c-d446-4d33-9b00-d27e4f07690d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'comssite.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6618925-8e7d-4c30-9786-d8512b129f03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'findtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9107ca8-b2c0-48a0-95e2-87141a397256",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'bigtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd1247d9-76c1-4cb7-8c21-3c6a61dddbd9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'aaatus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a1f78f35-78f5-46e3-be73-feee4f541636",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'besttus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cdad0744-57a9-4f43-802d-e096b0c1b936",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'firsttus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42c05f50-7958-4f2e-b2e9-c241c0a0c9ab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'worldtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2193c9bc-881e-4c91-bf0c-c11b2c6d852b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'freeoldsafe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af49652e-ac6c-40d3-8aa7-dad5b3210ca8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'serviceupdates.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91599026-7e02-4a7a-b960-f4083ca418c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21286784-2392-4cf8-9f2f-711a0baa553a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'myserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96b299a1-c189-44be-9e92-a8e62f75f073",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'myservicebooster.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--385c2b7a-5245-4864-9336-40a06ca97a83",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'servicesbooster.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db09395f-95ee-4722-ae6d-2cabd7994444",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'brainschampions.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d64f34a-c01b-41b8-8492-1adb11c9dafe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'myservicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--156f8a3c-2eb9-4b94-95a8-02dbc283e05b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3950c70-68fd-493d-9806-1d4c77a55b4d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'servicesbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cab761a-c772-4e2e-a97f-bf8a96cdcb4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesecurity.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8c72484-a295-4835-ac5a-2d9005c9a504",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesecurity.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--88fcada1-2078-49b0-9cb8-d4f18056ec3a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topsecurityservice.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e17a6b08-b2a1-4f8d-8632-f38f95b77756",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'myyserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4b8804e2-5a5a-4e35-b24e-62d3a0d4990d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9459a394-bceb-4e23-9fc9-de355a3495b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesecurity.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60d3fdca-c76e-4359-8305-5719c410571e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'servicesecurity.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c9f095d-3667-4e63-a758-99c9967e0225",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'myserviceconnect.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1726dd1a-2420-45d7-945c-cd9be4ccec4f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicesupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--977aec27-6a2f-4785-9d4e-adfad0fa9d0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'yoursuperservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7faddd14-e29f-40d3-96ee-22a9fea9c2d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'topservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fefa8be4-60d9-471a-a1fc-6daa670e28a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'serviceuphelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1da39e7c-ade3-42fb-9767-98616879da82",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'serviceshelpers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd31ab9a-3be2-4a47-908c-fd98a15eb143",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'boostsecuritys.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9027605-e493-4d93-9f34-08ca3ebf3287",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'hakunamatatata.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b44f9dda-5ba5-4c93-8117-7e8253c14521",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'service-updater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a38397f4-81a4-424d-b30c-2248314de599",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'secondserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--92d23998-f758-4b3e-82bf-98f4d5d80d0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'twelvethserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f1a97a5-8032-4959-b0ee-510631c21335",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'twentiethservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98091a09-a30a-40ca-8060-55f3188ce730",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'twelfthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4fc4456f-bb69-4267-94fb-894d683f0a06",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'tenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2e770dd-fcc5-4eab-8f30-8a42373b1c7f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'thirdserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1fdc801-a4da-4442-aa1a-1767f3496104",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'thirdservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c006047b-4cd4-4cb3-8c91-edaa0f734688",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'tenthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c6c1f8ec-1281-48bd-93c6-6425f79ec4e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'thirteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--603f2b29-e2d7-43f2-8bb6-cafab70fefc7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'seventeenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b4895402-6985-43c9-bc27-8bbe8a73605c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'sixteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd1c29a7-2222-4978-8b46-92450f3e8522",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'sixthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd463fef-734d-4ad2-9504-0c05f5a1fe27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:55.000Z",
"modified": "2020-10-29T17:39:55.000Z",
"pattern": "[domain-name:value = 'seventhservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d1c3fcf6-35b5-4d35-b6a4-6601eeede5dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'seventhserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd418c94-4553-4b35-a53d-8db63a6e2a7e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'sixthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2e2c22f-ae80-4b01-95da-32aeb1e87e0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'secondservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19edcef7-7090-4563-89ca-72441f791564",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'ninthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78da7f56-5630-4c80-b149-f9fdec7826c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'ninethserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad48d8d0-e4a2-4374-91fc-2b0f2bf90ce4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fourteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2441129-f67b-4527-84a4-0765ae113da5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fourthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c802b1fb-a1b0-4dd2-80ec-995a2906ccf4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'firstserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37986109-6f89-4aee-8158-df273c2022bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'firstservisehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18872b71-0bce-4b39-8006-3cc6d640d79a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fifthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--36ce9689-0281-44b3-9e7e-cc14033e81a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eleventhserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1053036a-54d6-4893-a788-0139824ba514",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fifthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--907d57a6-c128-44e9-9a15-844bc37a2867",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fourservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--101845fe-fb68-4574-8d0d-6b31236019aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eighthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b0749db-bd9d-45c0-9e11-ee45e0d41e9f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eighteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86aefff5-322a-47b5-90d3-6eec57478210",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eighthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d99f08d2-e08e-4c4e-a393-5905b6369a8a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fifteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--49474735-57d2-42c0-8ec9-fdbae5ef6c68",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'nineteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb76374d-d301-43f8-8d9f-56cd357180e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eleventhservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--acffda59-39b6-4d8c-bc33-445bc9aff287",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'thirdservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54738ec7-f16b-4d2e-9630-ef182b42fade",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fifthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6dcfff38-8b5f-4cc3-8467-d340c7e48c93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'firstservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34ee3280-2d7e-49ee-abbc-3ded3ac5f0d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'fourthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9ab952fb-7134-4a88-8f89-a6cc9c82473f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'ninethservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5268d3f8-4003-4c8f-9c58-9f5270063037",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'seventhservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb57fbf7-dd09-45f9-b8df-31f1448e10fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'secondservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--95c9082f-d2d2-4043-8518-5d813db3e94e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'sixthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--76c77c0b-6595-44ad-850c-cbf735bb1da8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'tenthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc8ae1e2-a010-4141-9e4a-941a5c2f4a4c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'eithtservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17cf0c4d-f0df-4389-900b-7ded3daf035d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicedupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--371fc829-7a80-44cc-98ff-ec96fda99455",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'service-updateer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44945b47-d702-4c3a-9d6c-0d97f7181acb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'sexyservicee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0fa316b3-a084-453b-9277-6512044edd18",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'serviceboostnumberone.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27eb0449-d1ea-44f2-a3e9-513ab26583ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicedbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d27eb7a5-d6b4-4836-9fea-cd33f2548b0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'service-hunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e80b078e-d45e-4898-9b7e-4e689d74b77d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicedhunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d15d6268-120a-4e4a-a37c-5f6c48fe760c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicedpower.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4322fdd-c206-4a73-8d7a-e2df46728008",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'sexycservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--602cbb47-6524-4c56-a726-4030ca5384a0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'yourserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d4bacb5-c8da-4d60-853f-17ccb0eea487",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'top-serviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9506bef-fa38-4b9b-a56c-1a971668fb8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'top-servicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41652205-a9eb-4555-b718-f089379160c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'serviceshelps.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b76eeea-2d89-4534-8814-56b6b9240940",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicemonsterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--26ec9e81-ee48-4f61-b76b-b1a6ecc39239",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicehunterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f4963c5-25e3-422c-b213-2c72bbe4eff9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'service-helpes.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b3ef31c-01e5-4b61-9c23-81bcf9463e0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'servicecheckerr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c8836ed-0988-4957-a9b6-08dd13eb12ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'newservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--070774f6-6f2d-4253-a0b5-e75d4d876c4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'huntersservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ff3778f-9b9c-479c-84e5-125f2f57883a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'helpforyourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e933b430-a319-4fad-a831-34934763c095",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'boostyourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbce1379-ceae-4ef3-92b2-b74a7c5f420f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'developmasters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--43857724-aece-487c-bea2-f88df06696a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'actionshunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e983a0b4-fd8a-482e-a42a-851e0093817b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:56.000Z",
"modified": "2020-10-29T17:39:56.000Z",
"pattern": "[domain-name:value = 'info-develop.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--442311f6-cb52-447c-a5f6-a0e5e8cab447",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'ayechecker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69823864-bb8d-48bb-993e-288f6acf7846",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'service-booster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e5ad9a6-69d3-446e-b17d-a2017069d6b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'zapored.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--014a6356-629b-4b13-a4d5-3bc5f51928bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'gtrsqer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91f05bab-973e-49dd-94d9-80568be0cc21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'chalengges.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6186d53c-c1ff-43f8-8ece-b395479a2bf5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'caonimas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f125523-fd2e-48f7-ac3b-c41555c8c159",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'hakunaman.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0a75a88-9c0a-41ee-adea-e94f131d41aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'getinformationss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e1d4d96-08d4-4c44-89cb-4197b50b5342",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'nomadfunclub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de671ca9-4133-4efd-aca7-aad8b78ae91e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'harddagger.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3a686ea5-d608-4100-ba37-88a2efcfdeec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'errvghu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2ea9c74-15f9-42e6-80b9-1dadad0f30cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'reginds.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6dd9cdca-ddd8-4aae-a888-413ffbfc9b4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'gameleaderr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a528e75-edb2-43f2-beb9-d5d30d55d352",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'razorses.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b73c08db-2d9a-4233-b65a-366738316bff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'vnuret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--22ef2358-974a-419e-9b2f-bc89c8e146f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'regbed.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44bb354d-1ed2-4e4f-8fc3-61839e2bd6bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'bouths.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f90aa71-7d64-416a-9073-fd5440f0a886",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'ayiyas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bcc93ac2-9cec-4331-b36b-a396c41dada3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'serviceswork.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1595d197-b2cd-4240-9c31-c6a1b432420a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'moonshardd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c31baaaf-3c31-4754-a227-7bd3d9823623",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'hurrypotter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--22cff312-1e6e-4bfe-9d1b-dc26c12f8f15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'biliyilish.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e326c048-595d-4c0d-926f-eaa0077cec59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'blackhoall.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--93cd1781-6941-415e-9cab-55ef1322c680",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'checkhunterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f9ce231-5c1b-4e64-9170-9c138d1c9efc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'daggerclip.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--571ae1bf-b2a4-418c-b4dc-0240b7fe5c76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'check4list.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa0f6349-aa64-4b3c-ad49-3cb6967062ba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'chainnss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--49c6e8e1-c4a7-483f-992b-d0772d080f39",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'hungrrybaby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--79ae6abb-5caa-4c87-94d7-bd426957373c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'martahzz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c4a672c-9bad-44fe-a85e-8bdc27c3d12b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'jonsonsbabyy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23cab516-19d4-4197-b06c-5b1fb77b2f1e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'wondergodst.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eee6b2aa-0f02-491e-9905-befa92176d30",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'zetrexx.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59c45612-089f-4303-bcf2-d8091d835811",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'tiancaii.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ebce8760-9408-4bb7-8f8a-3c738bc42097",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'cantliee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7c53aa97-1592-4292-9e43-acc5e8c0f0d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'realgamess.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1e3750f-3064-4a3b-a75c-5d6312556e04",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'maybebaybe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08fc52e9-4503-4045-b5fd-f2858c65d815",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'saynoforbubble.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e46d57f5-2fd1-4fe6-9f87-1cb6d8953a5e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'chekingking.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c4bcddf-aa14-4f7f-afb0-d44028fe9d88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'rapirasa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2376768a-7af7-4219-b62d-420caf8b1746",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'raidbossa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2166864b-2024-45f0-bc98-62857e06f06f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'mountasd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6f48942-72ac-46a7-8fad-6a179959c4cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'puckhunterrr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4867aeb7-5226-41fa-82d3-9daebe6bc2c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'pudgeee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--678a9b19-a86b-41ca-9f67-67b71f61de38",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'loockfinderrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e723061e-3c3e-4037-81d1-db99c5e21f60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'lindasak.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a1eba4b-5bce-4967-9aba-8b89505e1576",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'bithunterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a554c26-fce9-4365-a90e-637eaeea7b88",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'voiddas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2999ec11-c768-4473-a7bb-214f809ebe63",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'sibalsakie.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b59c41f4-0f1a-493b-8148-186a86db59ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'giveasees.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05301123-ac36-4ee4-a85e-7330bca8391f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'shabihere.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00a04905-bbde-4d53-879e-f2a41dbc6469",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'tarhungangster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5faf6f6c-46a1-46f8-9332-e592e8a738bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'imagodd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5675ef98-df42-499a-90c0-2bc8f714faa3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'raaidboss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be6823ef-20c5-4d01-be1d-8be7c822827c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'sunofgodd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5369581-7c9c-4258-9788-89fa25c6a903",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'rulemonster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cfe1fa68-166b-4594-b079-f70c391eecf4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'loxliver.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5da9f641-a4ef-47fd-8c0b-8cc62ad43e0d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'servicegungster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd3ab226-7d83-4af1-8424-a2b93e20cf96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'kungfupandasa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7cd2ebca-b362-405b-84b5-d509621eb93f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:57.000Z",
"modified": "2020-10-29T17:39:57.000Z",
"pattern": "[domain-name:value = 'check1domains.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c4d646b-54ae-40d6-8776-8f9d8b25ad8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'sweetmonsterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e5809aa1-04d6-4bad-bb5d-144d4239b923",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'qascker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9862be1b-1fc8-4218-ab2e-0bba8a4546c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'remotessa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddeec549-8ea3-4bf0-9965-d946dc0dc34a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'cheapshhot.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56b3f47d-6ff6-4a2c-985f-7774ae4d46e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'havemosts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d78f453a-5219-4cec-aeef-b4a6c695ae6f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'unlockwsa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27c8f930-605a-4628-bdba-d24b32342cd0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'sobcase.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca7e4b82-9a53-471a-8d85-91561acd3f5d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'zhameharden.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3642b1e-4d84-41b4-a575-916acd3684e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'mixunderax.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--10f20e10-3693-40f7-b506-ee4f7f854ba5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'bugsbunnyy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aea4d6bd-88ae-46d9-8f64-0bc413ed5d47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'fastbloodhunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3785aea4-93e3-466f-9dbe-044d828ca1a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'serviceboosterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--85f79cc4-3c0a-47fd-b263-8641887dec1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'servicewikii.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e3b7d7b7-46b7-435a-9168-6dbff92e43c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'secondlivve.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a4567206-4c5c-4b96-b6a5-176795231f10",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'quwasd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ff727c4-11e7-4bbc-88ab-8b6c4bff9b21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'luckyhunterrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03f60aa1-68c5-49d7-ae19-3a84fa321dd8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'wodemayaa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e84c011-d8a8-4124-a204-6853aa5cecef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'hybriqdjs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37033e75-44da-41fb-afe3-49de58389af0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'gunsdrag.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--928198d8-1734-45fa-8130-cf5255e74992",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'gungameon.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--300596a6-9da5-4ba2-a2a2-93a6dc1af457",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'servicemount.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f014506b-8d19-42a6-8aac-021dd904cae4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'servicesupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb526e18-08b2-4244-a617-161b78e089e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service-boosterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad1f7ac9-7cb5-40e0-87e0-8ca68220a68d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'serviceupdatter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b90c4730-14f1-4eea-83ca-6f38341ffdcc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'dotmaingame.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--584567c1-94ce-42f1-b4d7-8cf5bfd36729",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup1service.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa180915-6a4a-45fc-a4dc-d690575d6f7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'bakcup-monster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df3eb83a-7fff-4a20-997f-6baf976ceff2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'bakcup-checker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b68d157e-3c1f-4da1-9294-bee11e0b78ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup-simple.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af64685d-11fd-44e2-8559-746c53995329",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f882c75-4e31-4a1b-95ff-a82aa546130a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a232b039-1745-4f39-9a12-3e9e459dcc1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service-checker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--196c2975-0c5f-4d50-8f2f-d421ed276e84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'nasmastrservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--883347d3-26ea-4f52-8a3d-bd464ad96aab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--507e319d-17f6-42a1-944b-99f1850fdf7e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'nas-simple-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c960291-6a70-49b7-92fd-5a966754a1b0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'nas-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8afab6d6-3f37-4079-b2b7-b705106fdb72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'boost-servicess.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--61f8af91-f90a-4573-9bc4-2d4a4f0cddbf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'elephantdrrive.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb2220de-bc48-4cad-9d27-ba9e73bed20c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service-hellper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3691daa0-2c0b-4abd-bb58-2afaa5e261e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'top-backuphelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83ca6033-26a4-4dbe-b35e-95345fc2dce1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'best-nas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c40d67d-96ed-4113-9e1e-d75b416062a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'top-backupservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--43352263-1d35-43bb-ad1c-ddeba4be0911",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'bestservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c621491-4bfa-48fc-a707-e8d68908469f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backupnas1.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--258a2a75-e301-44d0-b4e1-f7f1e0336da6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backupmastter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--73008488-2344-46eb-8ecb-2bc223079e74",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'best-backup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f4389fd-b526-44d9-b911-804e0b8817aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'viewdrivers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e55bf1fa-0c77-47b8-b718-ccdc3fad7162",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'topservicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6291ce1a-3870-4355-aeb3-b1f6f74f599b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'topservice-masters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf7ee762-ae60-4b9e-bed8-62e1e1e31ba5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'topbackupintheworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e125c36-3d7f-4605-ac04-dd3abe3f9782",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'topbackup-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c3590f1-9c18-4cb4-aa07-0eb9c4d42b71",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'simple-backupbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcdfdf08-31df-4968-83ca-89c823696dd5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'top3-services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f3d483f-fecb-42dc-ae77-e59e6e9abb1b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup1services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3a4f901-4950-4011-a4fa-51388723f834",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backupmaster-service.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8682976e-9341-4c3c-84ed-34585bfb3b0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backupmasterservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3e7bc46-00e9-4070-b686-ce88523cfcfe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service1updater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a4c0b1a-3295-43ce-bbd9-ad233c68b9e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'driverdwl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--217c56e6-3c54-4cb1-ab40-b15574bd604c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup1master.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1994343f-fc2d-4115-a99d-d4abd7f5f0b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'boost-yourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68b12309-d236-480c-950c-1345360c33f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'checktodrivers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--006d023f-d05a-4e40-8aed-7f2bb3038c29",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backup1helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68d6845e-5ee8-4522-abe4-035eb4084eec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'driver1updater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7afdedf9-c666-40c4-bdc4-ae67c4526230",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'driver1master.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2420766-0c2c-45c5-8a81-8e7d78cea42c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'view-backup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f2760b4-2069-4dff-89e3-08c07122d148",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'top3servicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ceb7e88-7454-423e-9d13-679a83224729",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'servicereader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--97d0c8f4-8e2d-4878-a949-5dc559898238",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'servicehel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e7a01f7a-615a-4966-b1b9-0b2b7bae9289",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'driver-boosters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--605d2af8-303c-4a41-b38a-79ff8949de41",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service1update.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1618785e-93d0-4b85-b104-85c4e7c058c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service-hel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0780e27a-1ad0-4c00-8e25-e23578292c06",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'driver1downloads.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c8c7610b-f439-4905-a53b-111492e77303",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'service1view.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d45b2e12-d6d3-4b47-9be6-ac9c1fc0a09e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'backups1helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19550356-2857-49ce-b2d1-0b564b562f13",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:58.000Z",
"modified": "2020-10-29T17:39:58.000Z",
"pattern": "[domain-name:value = 'idriveview.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8c49aed-4b15-4d83-a6c0-639d067b1cc1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'debug-service.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91f26696-09a8-40f9-9b18-4ad5f7f00d96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idrivedwn.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a0f2907-800c-467b-84a9-01764b30722b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'driverjumper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d5e9fbd-5229-45d5-8d1b-2d3bf191ee0c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'service1boost.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--25640bd7-cdac-46e7-b5c1-379e7393f510",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idriveupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--65b4548d-2f2b-4be2-b628-fdbeef468a80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idrivehepler.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--947e0956-be51-4b7e-ac68-9ea3c8a52a60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idrivefinder.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--048d3562-f446-4358-9444-c161c18119f6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idrivecheck.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6527e58-79a7-4bea-b211-c80b31178e93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:39:59.000Z",
"modified": "2020-10-29T17:39:59.000Z",
"pattern": "[domain-name:value = 'idrivedownload.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7ec2a79-f5e1-4466-909a-30882663a807",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.60.155' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cd1a1903-a107-43b4-a3b9-0f9bb3cfb1b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=updatemanagir.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--99579807-56d6-4757-bbc2-50829755949c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = 'ec16be328c09473d5e5c07310583d85a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0d1c5b5-1919-4c89-8998-3bd053cb01a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = 'a22b04a7a053f845670760d529b6a25777f0c4d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dba8af9a-3b12-4a8d-b003-3c8f49725093",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'd292eb271818c2eed1ce83f2be9743e0f14f641419b479152d211daccb9bd861']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4aafc5f0-3f2e-4140-a5a4-6c7b03b603cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.30.192.141' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12d5b17f-5c01-472a-bab3-cf1440422c38",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=cmdupdatewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--082ec694-e91a-46db-9474-f8fadcf95f55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '3d4de17df25412bb714fda069f6eb27e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd8a587a-724a-442c-8342-8a73f8a828cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '10fcc4132e04f5fb560179e268bbc4920fced952']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--edede5fe-6dae-45f2-8c90-47e5ed8813eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'eb12c9f3c7c21aac3fb7d09e447173c5e2e391c9c21921213bc752fc9a60eb27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8488cbc4-9995-4825-8a76-b2baff105f76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.49.78' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bedf4af8-b6de-4b67-8da8-04fbf5fa2d5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=scrservallinst.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--469b1eb0-273c-4cf4-bc10-1b7312b955df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = 'cd6035bd51a44b597c1e181576dd44d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1dee85ab-fd90-4bda-bb20-932fc8905108",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '8180fd377143b12029f4872b88376e2bf1e7f7f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac85d57f-64b8-42c1-be06-1d17b1ebaf72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '8cf5f2be05770e8d1d66aee3e727692ee93768a0ec4b7646d2a9360e80b58a3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ad9c175-7bb1-4629-aea2-92ec634626a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.248.58.11' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e061138-4a4b-4b19-b9f9-2968b40ccd8f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=updatewinlsass.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47ad5c1f-67fa-4000-b5c2-48ce989f2d9e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '8c581979bd11138ffa3a25b895b97cc0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c265c7b3-248c-43b5-8444-24733eea83b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '105a96511d2fe0229738a6990f32265c96ddeb2b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--041e4ec9-8837-419f-a56f-1ee0b40a9da4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '3aeb23a06002a9e67e6f9aa6f720bb29f6f7c4de2beca0d9c3f8c10c2d8f1572']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb4cbae2-66c0-4358-9409-397c05b03d8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.30.193.57' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55652f2f-2cb1-4807-a694-730f102e3655",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=winsystemupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9df10636-d08a-4942-b917-7ded00f890c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = 'e4e732502b9658ea3380847c60b9e0fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca27f596-979e-4ba4-9232-31d1c6add0e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '6e2fa611740f7e555d72b4b010f3a084d7af22ae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b628e17b-5e20-4992-b4ae-13ab410f5df1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'ccc6c43bf0296f4f58177005e8587870d127b3cf7dfda98c8ec0db874d7645d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e3d7d59-cf66-44e6-bf76-005ce499bff8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.219.169' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--65b44e79-e726-403d-b4ec-35bc41c1cda5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=jomamba.best']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f5c5135-a308-45ae-b677-a23a50ca27e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '80b7001e5a6e4bd6ec79515769b91c8b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ba974bd-9008-4e97-8037-61b7e4beeb5a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '066963090ca0bd82db74edb1d487e8a934434216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--81b9d089-e682-496c-965b-806fd9e6e918",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '7572a48a8fedc50f3a8795632b087a9aac252b302347a4ecce948373b4e2ca7a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--22fd10c0-8037-414f-baf1-388451e7e132",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.27.146' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e34791a9-a71d-4dea-8fa4-8d3af6408777",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=winsysteminfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8146fd51-c406-4cf2-bc51-c370aaa12189",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '29e656ba9d5d38a0c17a4f0dd855b37e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--789b7584-d570-4586-b7f1-52ed12c041ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = 'b553cd33508d21fb825219518f9f80c9e4cc1084']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90b43e0d-08db-43d2-a424-3ab352c071dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '264fcf6a027152fc8cef1466d7462b2ffee419ce9aaf9ce431ea82b2fb0bc4e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--649a816e-ec67-463c-97e4-687b40e0824a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.170.9' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f62c673-edc8-4f14-a0b5-e6cbd9097112",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=livecheckpointsrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee7b99a3-3a3d-49bc-affa-1fa6098c232e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '1de9e9aa8363751c8a71c43255557a97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5449fe33-e928-4429-ba18-0be3c63be58b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '7c1939f24a7b37dc60418366ea892e342cd399ba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9f16707-beca-43dc-bbac-0f009abb779e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '1e314dd0d5e09afced92b7fca8df8fb6d9509526402a3f385998525760ee6402']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cbf1a0ef-1202-440f-86fc-4dccf75642c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.8.61' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58c4fb1e-c752-4062-9a09-2a25010955a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:name = 'CN=ciscocheckapi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c555887-1bb5-45ff-bafc-7982e3acea15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '97ca76ee9f02cfda2e8e9729f69bc208']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea880e3a-e4ea-4f52-8331-f4d587c0fd5e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA1 = '5d444ff5147f4efb210c46c776b583048b8a659d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--515e544c-0029-4d4b-a232-0aa7e0fecf00",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:49.000Z",
"modified": "2020-10-29T17:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'f2a2bcd31317e23f8c30219b373bdd1fc1bcb2d33afe0f36aa716dad0ecd00e1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--79fffecc-6028-4da7-8c0a-bb88d7809361",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.222.108.106' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62ca0e36-6656-42b1-a526-0210484870a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=timesshifts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3315103-00e7-4404-8c92-c398a40180a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '2bb464585f42180bddccb50c4a4208a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--adc635ec-7091-408b-940b-6b74df35fa6e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = 'e0cb4fa500df56dd0845bbcb54d2714e71574c30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ad901c6-1b47-4354-b70c-ea591c91cc2d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '2c264d7e234a80db5330f8d84563accc4731e635704b938ad12a2ab264d0ac7d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e174bf5-5b31-494c-af38-a976210bd4fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.7.59.141' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34494ce5-0042-49aa-9240-efd9dcc94b99",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=updatewinsoftr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4a15ae74-9edf-45bb-8924-acd35e5eb1d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '07f9f766163c344b0522e4e917035fe1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--28ee7af6-d076-4f97-9baf-87f026fbd6e9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = 'b45bafb8f93613d50df578337422a4822efa26aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e02a38a3-cb97-4d1d-8a6d-7fd0f81db706",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'b4d23c249febb6fe1c2abb74694f523d5a17ae6d8b2881e45183e4bf8d16e62b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4279d92f-3e32-4102-a2f7-f5a8c173d375",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.124.60.117' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f4cbbea-6b69-4c18-b000-8670b336c567",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '9722acc9740d831317dd8c1f20d8cfbe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--79bb428e-d085-4fe5-975b-6dafb7890107",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = 'b960b263c727ad26d4113938ffad1cad8b2c5ed0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ce85cc8-3396-4349-b710-c051451dbed4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'f1adc5abaf6fa1c92cc3904fe45577322b156bdf8ae31d819fdebc63efd2d811']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b97dda49-3923-4fbe-b043-779a18f0d3cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.42.86.61' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96eb9dc6-f643-4353-bb4c-c5bfda428407",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=lsassupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ccc53f0-60a0-4152-a4bd-74659550ba40",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '3c9b3f1e12473a0fd28dc37071168870']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7246b713-4a08-4e50-8b62-e670a75254c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '1cff540c8d292ebcae1233d25c6e07244780a937']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da75a00f-4756-4dd8-9062-82d8801bcff1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '110a573cbf00c84cc12403c729810d583f8bba9ac05493a48c415335cb88cbbc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e1493b8-74c8-4246-8d6c-14c86d96810f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.20.140' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e5a06d2-3477-447c-a677-4c9e21a844e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=cylenceprotect.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd4ab430-9e3c-49e2-9d61-30f70e4c37e9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'da6ce63f4a52244c3dced32f7164038a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52bfe7f0-a2dd-4616-8e54-41a0d958500e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '38c3f9bb4108fb1850b350fce35893d33600564a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4564a42-a813-427b-ac42-4389d12b67ba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'b1dfa21c616a858349528fc62907b8b1003b511aa767f7d9ca52406e2f764d2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3b8b273-7c51-4921-9174-c555b3809d62",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.20.140' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c53342df-523f-4d31-9289-94d234353705",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.248.5.240' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7693181-befb-44e4-8f5a-9f7612db4440",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=sophosdefence.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddbdde6f-8ef7-48b2-8dac-973d2bbba41c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'e9b4b649c97cdd895d6a0c56015f2e68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--607e1909-5319-457a-b4cc-0cf829720c43",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '41a22c194b0d130e66df80a98af9c38bd4df1dbf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6bc51c6-6907-488a-a7bf-e93f478f5353",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '93c0ed964432b30b221da415e2ccfcfe5148b61cc7f337dbb8ff476ed4a97df7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d9d7cf9-8a29-4fa6-a4a7-d7c90904c0cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.202.12.197' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f0097db-e6a0-414b-9de0-f18dfd21c23b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=windefenceinfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9837d389-179c-4c46-a16a-7af158091b4c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'c6c63024b18f0c5828bd38d285e6aa58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--510d4112-9f9f-4932-b10a-02f648ab5f15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '47849e64b1564dc4070ddccbf0932b5389c3e896']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56a99f2d-d9c3-4748-93bf-b33a87b811b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '40b3e19429e6554b4a205d74d4360096e1b80b60826a5753f4bb33bb6e093e57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15cd97ac-d0ec-4641-81bd-f5b8be067884",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.248.5.240' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91f25e5a-a78f-4603-880b-d06ae222123d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.246.25' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bcc3af6b-5b42-41d5-aa76-a37bd1658653",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=lsasswininfo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80f893d0-c29d-4162-aa79-a114d080a028",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'f9af8b7ddd4875224c7ce8aae8c1b9dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bfcb857a-7824-4b1a-bc71-1483cbed3b16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '99cb2bce40c34f414dfe4dca266a4b36504e7240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7a70f78-2184-4389-91f5-3b4a01e01a03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'cdae5bf21f7506d5d37588b77cbd75e9a2eb6b3767feffe10e79c6c8c5c21460']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--840b7f84-f925-4481-958f-d8956a1ab3e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.202.12.197' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ce8748a-f05a-4d98-9c50-3387a80e76d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.246.25' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38d8ade5-9ada-4d85-827b-7ca6fc4ab893",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.119.212' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52ff35be-fe3d-43c8-abcd-81bef8edaeb7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=taskshedulewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7547d5c8-ebd9-42ef-b385-06a63f99b3f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = 'e1dc7cecd3cb225b131bdb71df4b3079']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e76ff0c0-2d79-40bd-9032-74794b26ce92",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '9fb79662e49c6584da6524e65b393a6e90c5bdc2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6e1f8e3-d7d0-4182-b622-426944aba38e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'c655bc84859da3af855fa69104bc970bf30c617843419cc01bcfdc2ac777eb8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91bfab1c-644b-4841-9d3e-f15229b2ad34",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.119.212' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42a54e77-2c32-4eac-87af-6bd7821517af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.122.130' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a09bf7cc-1866-4983-a76c-8b456378ebf0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=renovatesystem.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05d3f6b8-c8a0-49f7-af78-d7a09ee8b31f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '734c26d93201cf0c918135915fdf96af']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db4f0e67-6ecc-4e97-b200-d7d369ae101e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '8c46fde811fdae417aaabd6686f2da5e51532ba8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4cd9b1f-dd33-482e-96b6-8715f6852d7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '9878b760618d03f4899fe35bd68aafea65c9e38e6af7116cc85dab23058d6563']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--affa1d86-7bc5-44b1-a945-2c8a4c787f1c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.170.9' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42571d8e-b1ae-424f-a89e-33c10c6ad9e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.248.58.11' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e64f7e4c-c178-4f6a-8769-30a05d60ea10",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.122.130' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b67f6ab-659e-46b7-8ae8-5c4eb1fafaaa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.8.61' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--85a551e9-4226-4380-a1af-b80d44d4139f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.17.25.210' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b038ebf6-b92e-4a93-b426-bfd1eea51867",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=update-wind.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--891c5c3e-957d-400b-8014-9bfd800de769",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '877bf6c685b68e6ddf23a4db3789fcaa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52921701-9e1d-4598-a5bd-0e1564fe67fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = 'd01d336421a6faaafb6a7c475501fef2b3daab73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdc3a2a6-5d57-4c70-948a-e2553643c83e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '76d128e9d2f4cbbca53f1c12d99d34861e2d0093dfc4bf266eb4bda1d18c9b13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a62e775-8281-486b-b09c-9606c8a5ae12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.7.59.141' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37669819-2b0a-4d87-bc4d-5c4bc28d2927",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.138.214.247' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1b883ec-0426-41b0-99c3-647ab0a58222",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:name = 'CN=cleardefencewin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8aac1a4d-84f0-4225-95b1-a73f9bbf1119",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.MD5 = '61df4864dc2970de6dcee65827cc9a54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6b48a3e-16d9-4941-bd68-b4baf493eea5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA1 = '609b7f799292cf1f4558340d7968b1c5d4a79888']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1688fd4-eb08-46ba-a411-0f8924bae0df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '9476e968b85e956f238ea88e88959ac9b806e9d6347db687f27844cc56a154a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8a55a2aa-adba-4bd8-baca-5c2ffd54b1fa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:50.000Z",
"modified": "2020-10-29T17:40:50.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.138.214.247' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed42d975-3d9c-48b7-9ec5-95712661bca6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.231.195' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d05b2b3-7366-4cbe-9cfc-01f972bd2a90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=checkwinupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c1d4452e-f225-4695-9793-f86af9544c60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = 'd8e5dddeec1a9b366759c7ef624d3b8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e24520dc-60c5-440d-9be1-136e13f93544",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '99a9ba078055c65e35e74481b40373912da752a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcec772a-2c58-4442-9b87-b44a8e49db7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '2db47909e28b0fdfccbf276f5d0e462f3a5edf8f55340f4e76d62612b67691b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--870c086f-5868-4fde-9828-a5f356a810b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.231.195' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ece89a73-da41-43f1-83f9-ebe9571ddeb0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.19.142.154' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--84593f8a-0699-42ae-93ba-dcb9bf1f6fdd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=havesetup.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae517785-3a6a-4af5-9e5e-fb5b03eeab11",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = 'cd354c309f3229aff59751e329d8243a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d592fd88-37e7-4450-b6ec-b72938a9077e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = 'b0381f14516ec5099ac50274355360f6d068bf8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7117419-1f5b-47d7-bd46-6fe9340fcb54",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '97917f3e47bbfc83cf0c3bf91575cf03fdcf8f7e8a09fdcf99392ab1353a1afb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcfcdbf2-acb4-4062-95e5-fd40f07fc51e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.219.169' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23cd5963-af60-4cd3-bbc8-d2ce93256fb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.60.155' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--523463da-c26c-4243-914e-bd35091e9f42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.222.108.106' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1087592f-a6e2-4485-8fd5-852a10a0ae9f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.42.118.123' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--334ed1dc-51b6-433d-8442-6f7e7bb369a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=conhostservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6cb1577-4ddf-45c2-b5a7-253470db1e64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '6c21d3c5f6e8601e92ae167a7cff721c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de9ad2b4-44b6-4cee-8b19-6988a87f3cfc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '7dbc84187ee9fc33c72c8feb1373d9811a5c6714']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6624c957-3a4d-41d0-9321-13044d288e21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '4e63e1695eed77132662e83ebbd108db5b2eabb4f7e1362bd29468fdb2f7611c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--33f66d93-7a56-433b-9a9f-19bd7300d6e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.240.18.106' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--017b27be-78d2-4d35-88cc-d1e5b70ecf96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=microsoftupdateswin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51fb7a88-e1f9-4f64-b722-6cf37c8cf3a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '27cae092ad6fca89cd1b05ef1bb73e62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7698d8b2-1816-4459-a86d-fc720ac414c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '4008249a1d6486bfa92e8c33b61d9598cf9d5881']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e5b633b7-32f3-4d80-af1f-bd67ea176cb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '2616a8bf6de6a32070b3221f1387ddf56a57bb7b4ebefd54bc1e1741c9fbf018']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ef30ca0f-b2b9-4563-ac35-77ba97bf06f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.215.228' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7e495a5-f056-4069-bd3e-ccb679523ac9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=iexploreservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9aaee704-524d-463c-a060-1bf72d900391",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '26010bebe046b3a33bacd805c2617610']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab266991-0faa-4e2f-b232-7f7af48c21cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = 'eec4f054456000b57ff799dd48b77c4519ddccff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--24af6b4a-682c-4558-b4e3-29470f3e69e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '0a0cd4e9513989477dfb3c36938ccba04300d22db5f1f77ff08f65bbe7863a8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--35d7d42d-1af5-4c97-a3a8-e1ada1875819",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.138.216.133' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3f78ff2-424b-41ff-b367-76071414d1fb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=defenswin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80c3b8d2-f836-47b7-823f-ffd5b64447f8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = 'e5005ae0771fcc165772a154b7937e89']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d853deec-d2fa-4f54-b588-63a247a36ba9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = 'f5ab640e738b6f352b2654cd41f7b4e6761156c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e79030e4-9c74-493b-8492-1b820ea76bd6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '8d7b207f3fe350c41e5b90b0e8e8a652906c80e3b2437dad2dc1e310cd4a1a42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7276df2-361b-4b46-9574-1d22a7b1b527",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.130.5' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb8bb344-3d11-402c-ba34-23ebd1f588c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=avrenew.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ffff96cf-9a22-4b3d-8d27-d0b4272ab8b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = 'f32ee1bb35102e5d98af81946726ec1b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b35a2ea5-e6c1-4d9a-802d-6843440de102",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '890c66fc0caa1fe398c9a2aa07aaf68192a1c5f5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--24ff8890-7497-4d4f-98b6-58d78e71870e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = 'e83809857c10be61ad695e517681c70c2f5d998fb848f6b61edefa173dbbda85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3a8e4d4-fbe3-49c5-8948-64c013450b7b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.167.35' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2afd0f9-0a32-4279-ac14-8a3948b96cc3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=freeallsafe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6aab0f9e-4e7a-4b6a-8220-e6cb1cdf8894",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '85f743a071a1d0b74d8e8322fecf832b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--35857348-45e2-4ffb-8282-e89cbaca3532",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = 'cb730c6ab5514eaabbcf21d5b0879e4e073122ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20b23af0-b997-462a-9689-6c2177e5ca99",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = 'c3885ce675c2557545b280a0fb6a74ce659f1c55411182026509475d04189722']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50022956-441b-4e5d-bee0-25a452fe8454",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.63.95.187' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3eaf3d7-13c9-4c75-ba4a-d105c9b2c0bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=easytus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4eb1f228-168f-47a4-819d-c6d5cc0f1c25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '17de38c58e04242ee56a9f3a94e6fd53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4216d33a-6eaa-44cc-835b-68531461e4e9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '467e5b8ef36321eaed59253dc46ff058ccabe4dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f9c6e4d9-d24d-45b0-a942-317429816ad1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '79e5ad973029586c33a59362ab3d9cf2aded0712a44dc20b295bee64f380eaa7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bdeb5b71-4413-4bf6-9f50-c952cd06bb15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.89.31' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9ddecf54-7bbb-4c2b-8323-567e58f6dc96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:name = 'CN=besttus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--32e56fca-50c5-407d-a417-8e72d944bea5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.MD5 = '2bda8217bdb05642c995401af3b5c1f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e08afaad-8dfa-4523-aacb-e21cd91c6b17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA1 = '6517d2589340d932ffa3d12de873a1297286a087']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cff4a452-cb57-41eb-8618-7de534a7064f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '076a258d15761e3aabb33812de719b829ce6bb0f50c8faa92c8c69616ac94c89']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8739266e-d1fd-454d-803b-e028416a05d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:51.000Z",
"modified": "2020-10-29T17:40:51.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.147.215' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dea0d7ab-d634-4177-80e8-d09126b287f8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=windefens.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00804b68-a984-466c-b97c-17926f6b2ed4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '57725c8db6b98a3361e0d905a697f9f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2bff29dc-5ca8-46bb-9f2d-ddb9e111acaf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '69e0992fbc7f770d925978563b8651d3935ec15e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b86ce5c9-dc12-48f1-afc6-ff45b5eb6978",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '6b0b890f300f638408d4fb8b327f59ab70e395eb71254f75e93f4c0497d0a4d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47c99504-e196-4514-9d45-542ec9b77bee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = 'c07774a256fc19036f5c8c60ba418cbf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9745e202-bb4d-4a23-9560-794e4d30d7d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '33abb3e6aebf999d9e3ed6b0fee219adbe3e4b4e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7322295b-4c8a-4fe1-904a-decd073e513f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'b3a85e75c513b6d1a4fdb48cb50a210cb2016ba2e76b701b32c7ade5e1d17c1f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4e7ef519-f153-45a6-9c24-64efe085162f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.238.190.126' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b54942c3-939b-49ac-8968-4a771175e041",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=aaatus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--77de66e7-a990-4413-9207-3f6e40dc537c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '4039af00ce7a5287a3e564918edb77cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5959b75b-37d1-4f13-a8f4-e0ce3c84cf01",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = 'b09b8ee999de518d22143210ca33297512b1c4df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--07a99311-b5f4-40bf-b37f-689517074cec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '07843c5cb2660d79ed39314eac202c2d646c94b9223020e7b124d31a36006a05']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db6d80a4-1b90-4a46-bbfa-23a39ba1fc70",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.202.83.4' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc667ed8-8cea-40a3-8e52-d3c12717b182",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=greattus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4f81a7a-b1dd-4031-bfe9-44872db4e2df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '7f0fa9a608090634b42f5f17b8cecff0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd430d31-7344-4d84-8495-74633357e1f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = 'd8475d0d71b35560536189979cb60083c69c5226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9efd60d-eb9a-420e-a4ec-e4388868b1d1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'b07c7e9a9a5809aaa4112ab3b5c05d05d921507dd668601d6068d84cd4f8ae14']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59b38e6a-6374-4b4b-b52b-cb20b07c6eff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.156.245.0' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--644e4230-5f4a-4eaa-8a2c-a3da19443168",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=comssite.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ffb2edd2-528f-4fbb-8bec-01a07d8de347",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = 'f5bb98fafe428be6a8765e98683ab115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d638b367-9d7f-4daa-b0ba-eb0c54f715b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '56004e82dc46cef5b3a81fc5eb5024b598d5e960']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c19dc05-8157-460d-8262-c54084eefe32",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'bb3a0f596d115a74c021662fceeb0712518eba8198f0db50708582325f356d36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42000986-a42e-41f6-8fa9-fb2743e94126",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.30.162' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--10b98549-99c7-4d34-9fc4-02317bed4488",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=bigtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ed1a635-f92e-4ae5-b7ed-d7871487a840",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '698fc23ae111381183d0b92fe343b28b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9e9d3341-356f-4651-8fd6-1002171c1d56",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '0c37d764a4fd7ea1deac606ba43c64543bcacdb8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80efd8ec-2470-4c1c-91d7-5c795848425a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '9f46b2ef7e2aed87d59536d2c228b19b04e319110b505c74490d430a367fa63d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb4c1789-b46c-49f1-bb19-e3789ae84db7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.242.184' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bc7ce885-0275-42b4-92b4-83253d95e337",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=livetus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53a0c056-215b-4949-a281-08c5481e5b8c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '8bedba70f882c45f968c2d99b00a708a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ff0d1c2-9552-4163-825b-03223a8e8021",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '7316167007e6569003792dfc1d2c7a71c3948964']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ea8a639-183e-41cf-8411-5af5e88eac45",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '6709891071e905d80f6ef1b60e313e7a78f7c13c4766c9eaf7440ba7ab1e4146']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dc33750e-b31b-4184-8dbf-25ef4033a98e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.15.31' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62781b34-d0f1-415c-86d9-d5bfc8a15cae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=findtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a665fdea-ed12-4baf-bd05-648103ef840c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '15f07ca2f533f0954bbbc8d4c64f3262']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be73285b-0bdd-47c1-b9e3-c1b9eea322ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '909fdc653db2a9c1ce7ea9205fad977da04ef87b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b33407d-3ff2-45cb-bfb3-397e9b050e08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '723f307f7588a95a1825ba8e9d2c73bacb32cfe817b92b6ee95cc2f1bc10c52f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cf841ac4-c104-44e5-8183-6690286ee8bf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.15.247' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--81a28832-2709-458a-b39f-9f3c07f98c8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=firsttus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8b759d10-a1cb-4f54-a2fd-c2f3f1b6cc5a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '88e8551f4364fc647dbf00796536a4c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7134def7-6a58-4b58-aaa0-74a7eb5718a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = 'b74c4ae719caaa86ad6a82257f2e5763056130a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2800c260-fded-4900-a15c-5331a02c5306",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'f4e742724b0ef84c6ca0222140369fcb2e3c3c1c937d931ea2084fcda9976d5c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8df2c887-50e2-4884-82f4-3a2dda412219",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.138.136.182' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4fce7aca-c250-4042-8c39-c3307a979c85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=worldtus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eae46961-9e2a-4543-a725-46d7249a3d46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = 'b31f38b2ccbbebf4018fe5665173a409']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ccf8449b-8faf-4ec1-8164-7cc6d2202b87",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '94e778d9dec76c8bf6202729b8d58a35ae7ab200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--35f72a43-6add-4881-b9b7-6da3e9fc3637",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '1afa19b14c4ddb369da37f62eae288e862aed2c83d7fa1972bb87fd04b260262']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21e044b5-a67b-4fab-abfc-5261a827cbef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.58.172' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18ab8719-be52-4acc-8c3f-f03580ed6fc0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=freeoldsafe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--846a0c04-b4e4-46c8-9030-ba44c069557e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = 'a46e77b92e1cdfec82239ff54f2c1115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--67330ae6-5320-4394-9c0d-3dc392912bf6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '8be806aa652622cf863504db24f08951be702e83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--07e0f333-3853-4a05-917c-4d655e3c52b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '24674de1ee2fd5321cf807331b7ab22d5cec3829c0e1725864a5270bfd58062f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--540f8845-ff29-44ec-8f39-bb64230a29f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.72.29' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bfb24beb-d96b-46f2-bd41-ec3d9c38a4df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=myserviceconnect.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--580acf6d-97d7-4c85-8019-9d98b711750e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '9f551008f6dcaf8e6fe363caa11a1aed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dca816ef-48c4-40db-9cc7-0a27d020e67c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = 'f6dbc5b6efebb9393b66defb71ce54cde1ab4df7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5f440b1-f38d-45a5-8dd9-c6ec0cc390d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '68965e193004f8171252a6987a9a79348ad2b50772bc0ded3a47dac834488e57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--61c6eb7a-5a09-44ff-8ed6-138ea8b34450",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.155.157.249' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41dd3a54-5fdf-45eb-8966-f644e7919dbb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=myserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01764c4d-ff52-442f-b61a-6d73261af626",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '4c6a2c06f1e1d15d6be8c81172d1c50c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--66a5ad42-e341-4746-8da8-49654123134c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '83a360c0b4d2b7301e86666a62fcf280b675516a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3538e62-9122-4077-a7ff-eb958edce93c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '86e634473a5b7a91161bf11921ec20720452a54bde0c1d81289e392473ad6243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d27fa217-5779-4c1c-96f2-5a28cea4ecbd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.98.157' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ec68618-a003-4c89-9bb4-cfced5c5d429",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=topservicesbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--16d4dbf4-7cd2-4f3d-a86a-587b48f3096b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = 'ba4b34962390893852e5cc7fa7c75ba2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad210c39-268c-440c-96fb-dd8782a2347a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = '7a00b9eb03646cbc879f5a3fa3be440ce21e18a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb2d5c3c-24a9-4906-9714-049fb6669706",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'a7373c28c6c580374d9a7fcb7c10b9e46ec34c5f0d7f00cf94991c2bde63ae68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--718118e5-4294-4758-a405-9a23e4d3eaa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.156.250.132' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f519f7b-1df3-4dd9-8ec8-6ca147f29b73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=myservicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a0c0ace9-6e06-4779-97a8-276d1cc272aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '89be5670d19608b2c8e261f6301620e1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b42e574-a18a-4af7-89d3-14b1b8bbea3f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA1 = 'd65f5b78e1f4fb0dc7c9d18c63518985a228a07c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e172674-72d0-4626-a222-436a8dc1a025",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.SHA256 = 'f94d94a3758a7d067031253da6769d3cd482d871ce5df372688aba974c049e27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f164e840-f539-441d-8feb-8d4e22acf9f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.50.31' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e82a9826-8191-4159-8b3a-a8486dbd1724",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:name = 'CN=topsecurityservice.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa82a8cc-c952-4f31-ab2a-20e1a490f100",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:52.000Z",
"modified": "2020-10-29T17:40:52.000Z",
"pattern": "[file:hashes.MD5 = '77e2878842ab26beaa3ff24a5b64f09b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b71b6a-3026-455b-b601-b877a779af76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'cd733eacf19997bfd1b410cba2df471692836e40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdd12221-bacc-4364-88a9-8811a507495b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '464d2a04fc080c7a42236deb9ee3904fde31fbd91578a606411d0df54c0dd5d5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee380cca-82ba-476c-884a-9fe8da5e76ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.55.197' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce54cacd-d226-4dbf-b72b-50c5158f9496",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=myyserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dfd6a1eb-b683-4020-9d32-87555b035081",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '0dd8fde668ff8a301390eef1ad2f9b83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a94ec98-ed20-44f7-8f21-a477849124c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '4de1b99c45cfa1277665e868c7e5fff5d3e1985d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f68c0ed-af39-4209-ac62-db46363e227e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '8146b93c184a5ea52bf62fd646b3a2790416a399413eb09bc39e34e7fb6e9e59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6b3ef3e-8977-49a4-85e8-46e0bc550c28",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.246.67.70' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf8b68df-e6f5-4c5b-9028-6322ccf0defb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=servicesecurity.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0175249b-809e-4bfc-9ceb-427e5d25c7e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = 'c88098f9a92d7256425f782440971497']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8aad1757-ac36-4d7e-83a8-a3af6de23f3a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'c3b9cf865498ab88d627704ea6a63ae5fea0be1f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bda0a089-ab15-4ef5-a2d6-2279897308e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '703e77b15e6f9d35775d0a03bbe1df67b2b705c501d1fe61b0e09dfc9591e903']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--04e520db-1cb6-43e8-8b1b-4831ee1f42b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '63.209.33.131' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6020be27-94d6-432a-8e14-71f5a87c9bb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=serviceupdates.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ae9d6ae-45d5-4eb3-9e52-4a5c8ed0e7d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '16e86a9be2bdf0ddc896bc48fcdbb632']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1463b89-2ff7-49cb-9694-23d103788607",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '2e63006994f34f38af65a5ae17f4b0bc36f3923b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbff6aef-6fdb-4215-869c-97db79c900f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '18cdda74b6284302b1e8016a6f7be0be98714abb99a9838dfd24e6b5c325705e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c6c49d5-1063-42ad-a39a-e748feb0d386",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.206.105' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8482caa9-8900-447b-98f5-8918acbdc631",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=myservicebooster.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f5e5d6-1adb-46d8-9bfc-4c38cff04453",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '6e09bb541b29be7b89427f9227c30a32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c42f2b3-eea3-46e8-bd13-a5b9d11882de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '0b7fff8e99688f969695d8082e2fffa3d4baeb5d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--45ed8c29-07a3-4f59-912e-018319f179bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '8c9e4f3cbb903924b0957051981eae7b4126599570a7c450e40a13dc36a757b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dba98b7c-139d-4289-8040-083b6c7e4c36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.5.67' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd4a191e-9a1a-487b-87f3-6d3dd298649c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=servicesbooster.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--382433fa-6455-4633-b45b-fb0ed854bd48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '42d2d09d08f60782dc4cded98d7984ed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--299f8416-84df-4f29-ace7-8a5837d5fade",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'fb55e32e6e0a4ad94849640271db2077bd87b33c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3b3b6aed-e0ec-4335-8599-59072d63275b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'e7a35463bdcfdfa35b93f22f1932489c2545fc7d59437b786160d4fbb770385b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58dba38a-9775-4847-8974-9909966b339a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.209.123' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5077cc53-61bd-4dd4-af0f-0b0b5c40105a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=brainschampions.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30361603-692f-480c-9d88-03d6d5d1533b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '241ab042cdcb29df0a5c4f853f23dd31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c18bc053-de01-4b51-a754-b022c6781c27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'c9a5b93d7ed3b1ff9e22ec2d23950799d6dc32a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cea3391b-3611-4b06-8aba-f9bb1a3a40e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'caf6468f1b2c19d263df862572abf9c2802a70434668f1dcc355b7b8b5bdb8a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b007635-7b73-4bc5-8dc5-1813c5208d5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.156.227.250' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2bd12c05-7c3d-4ffc-b505-42b96fde5d3a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=servicesbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--583420e8-db42-47bb-a943-8d80271b2d3d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = 'f45f9296ff2a6489a4f39cd79c7f5169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0e417bf-1d0b-4a27-b6cc-177addb75740",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '0f8e67da6bd21a18fd3284bdc9c9a6c2e24a34ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--833854bc-84f9-4c04-a4c5-b815cd7f33de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '3b2dfe2cdbd8f6c21049ec7a0e29b0293002990448a4517c52fc4a24dd21c7aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56ccbc57-8715-441b-9c3a-ad6d10a24c6a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.10.222' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a1ada3e-6f1f-431d-aeb4-b5206865bbd5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topservicesecurity.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2282a6a-7df5-48b1-935e-867f1a28d949",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = 'b9375e7df4ee0f83d7abb179039dc2c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af195795-8cea-4e64-a47a-0b7e228cd43f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '9d3bef858d1c7634c39e01baecaf89433c5885ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f07fa32a-b72f-4056-b2ef-11fe51409455",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'afa1c237384c5bfb837ad0954cff51bd06ee319b2b5de2a79dc33ace16167e0a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f3569b7-165e-4544-b9ff-635bba45284a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.28.35.35' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5a2c5d4-9c74-4fdc-bee0-1f699f027a9c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topservicesecurity.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--475e17a7-7484-4eaa-96a4-204d969e7aa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '82bd8a2b743c7cc3f3820e386368951d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f300fb1-fec6-482f-bfdb-740843e2c4c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'ce75596aa0267c7a7e080259c1c1acfeb255404d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b78f0356-fc25-4ffb-ab7a-cab3d8f62c33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '307b05a89a820a13293b4d397e58d50f4fe66253addf7bc10ce5a1b49ae89d90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f594e8c-4b35-468f-9ebb-d2883086c8f6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.21.17' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7418e75f-fcc0-4bab-9ca3-818234162e27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d66b9925-c0a0-4a7b-b1f8-12405aba0009",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = 'ece184f8a1309b781f912d4f4d65738e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e0b35643-62c0-40b5-927c-e7606e1ea028",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'c9a0613f52059ae9eb22b8e39f19b9cc97740f06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5ef0d71-4c73-4c21-a228-068f1abce7be",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '171130c71df2bd9f4c6a9218ff38ed187f934b8736a5edbb2d288b5548f88537']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae1de120-0cdd-494d-ac37-34974024ff85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.153.72' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e19e7105-2f52-4d11-a800-cfa5637730a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topservicesupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9c7eb92-c4a2-436c-b31c-dfc70b6868e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '8330c3fa8ca31a76dc8d7818fd378794']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f135606e-16e3-4bc9-9626-03db99a9ab86",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'd76fffdaf1f47c5ec66192b8c399853bdf8b82ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3126455-4d27-44f8-a40c-f7cc9a2dabae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = '365bc7cde718d582675ceb99f2c07fd5adb0f021a94ac61c60c7025ae8ee6c10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f52418e-4382-4948-8652-7632cb4591e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '140.82.10.222' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8246fbf7-fbfb-4891-a9cf-f505e31a3ce5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.148.21.17' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df878759-b12a-4d82-b2ea-b57d2e0c2e37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.90.90' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae8fa118-32b6-4a45-8f9e-4ca43cb9e796",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topservicesecurity.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58fb5edf-99fc-48d1-82f1-bdcffdc4531d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '696aeb86d085e4f6032e0a01c496d26c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86ae72b5-639b-4120-9a98-bd9e31eba2d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '147bd186a7b472a85607cd53b5f7e31b678bf05f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2da9635-35dc-4288-8d31-e8a8c48f2102",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'a5ecc0fad362c57f24780db553b8c29771c49639b0698e73dca7bdf822033570']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6be40d00-7567-40f9-bd2e-79134bb804ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.130.5' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71fba833-c734-4f80-adcf-6842d02c5f61",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.69.15.175' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b439462f-0be4-453a-a0b3-ef136c730480",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=serviceshelpers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41807646-a0d3-4ea7-918f-8ecf882fa58b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = '9a437489c9b2c19c304d980c17d2e0e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ee9c704-dedc-4f5d-bf78-6c0726a253ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = 'd8d91d7820347c7182f8cfb8cca88adff9b1aa41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1e09bd6-9626-422c-83bc-863b8f5198ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'adc88b40464f477c860ebdbcbe1265ad6c01e624e873027cd9eecfee18e9683d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b5bba6ce-3f0f-4bdd-90c4-3b70d82a2816",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.138.135.182' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--256656a0-df7b-4ecb-b2d8-3a2801854bb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:name = 'CN=topservicesupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--459fb9f5-4564-4c4d-9a09-427df43a2178",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.MD5 = 'b9deff0804244b52b14576eac260fd9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--623ec286-d15b-4552-8693-25e40512df83",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:53.000Z",
"modified": "2020-10-29T17:40:53.000Z",
"pattern": "[file:hashes.SHA1 = '3140f46636268af8ca50bd91f7b95b25734c7ef7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--43355b51-f1da-4c70-8173-511a3f196c1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '6971bcf5a82edf40bc4be702fa320e4f055e973248e0156cc30884ac4febc28c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6ba647e-397c-49fe-a986-b4d450fda250",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.210.8' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e099d903-9a71-4bbf-ac27-8543367059e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=serviceuphelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37ceceaf-613a-458e-b703-46a7f999da25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'bb65efcead5b979baee5a25756e005d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1271c5f9-f39f-45ac-9ca0-cb5bfc221967",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '55a914adb9ba1352a09771b0e289c434cdda9257']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--705871f7-847f-4d5e-8dbd-7d08e9a70c45",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '4c9fc43824a06be22828a0c10fcc9db36874f6160dc991e1df675a693b8d47c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--510f2131-d0d6-4c75-bb4c-996f49afd75a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.76.45.162' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--33b81b51-3b31-4b34-b196-dec73260d386",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=boostsecuritys.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ded9954-0a73-43a7-b7d3-e8ee32a53ece",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = '7d316c63bdc4e981344e84a017ae0212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f7b288bb-7763-4c95-9cb8-0692b7c9ca7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = 'b4c2fe59c205f861469ec9049e00cc5284fdcf12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f17bf4f-9754-4305-8f30-30be5e5da14c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '2ef5f4e625389123a91524cde8ac5e46e42b737a3e1e89fabd7c600d917adfa4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--759e6e6c-59a6-4aed-842f-ee701128ec66",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.176.237' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--706b9dc8-137a-4ea9-9aa7-8b164ec944b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=yoursuperservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4749a19f-9821-4722-af79-735d0264bc78",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = '7424aaede2f35259cf040f3e70d707be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--483c1990-ed4d-436e-b0d4-d2bc94e28cc5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = 'a60d8ca9d451e52f095ec61605f6cbbaffa2fca5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7318abe-89a3-47c8-b172-3bfcb23295de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = 'ddbccecbdf186dcdf6c439f4272128e443389187421afb33261e0399cc127fdb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--024c7e8f-890d-47db-b493-0022cb00d4fa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'd66cb5528d2610b39bc3cecc20198970']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d0995c76-885d-4449-97ca-ce1707d710de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = 'ef2c77a7bc8d595b6a5b042750dc99d369bba20c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2e6d198-a2c4-4b9f-87cb-fad846ed427c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '35a4d2ce4de30e0a7295d3ca805e266a13a869ae4f35fdc8dd4dd78c4642746e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b1745e0-cf2a-4062-927e-153b4952f528",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.166.52.176' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dedc3abf-cdf4-4528-9c2e-8df1993f7109",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=top-servicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ed712a6-d25f-4fc1-8cd8-7009153a829e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'f882c11b294a94494f75ded47f6f0ca0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5298d32c-d1f9-432b-945c-a8d7eddce4b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '8eb1ffc7aba522a4010be154d52f3e87d1475487']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62a63c0c-85d1-4333-8186-c5c19eab94c7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '66ba56e6ce3446c900bf160d589e78915291802cab5de02bdd68d62eab07f490']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cf3091b-b7a5-4ce1-99eb-43438ba39c36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.248.56.113' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff157fa5-0ba9-45c8-b2c9-998a44f105f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=topservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f45683ce-78f8-4025-9f2a-f0df75252e6f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = '2a29e359126ec5b746b1cc52354b4adf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3bc8bf91-84d6-4367-a7de-20a292c266aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = 'f084969f98c9dd88ff1fbdcf61e3c9b250c20432']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52bb4616-a484-4c4c-b8d1-4970ef67ce51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '93162e42f09c89c87987837d16b009ddc7a491bb431a02fed46b11c3c94ccb69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--456b386b-c39a-4e3d-adce-35996100f95a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.247.13.144' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bcfb24d-b3db-4649-a1f1-2bb7ea1d9a20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=hakunamatatata.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9ef791d1-e789-4ebe-a855-4e0cfc145225",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'e2cd3c7e2900e2764da64a719096c0cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cd24a6d4-a7d8-4213-84a4-05895933ef8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '0c997bf6e1373cd9baa06b1f0ff4cc5a77956939']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c89a6e71-0426-4502-a011-3fc217dac5a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '82ccdb1da0643c4d6df8ec18f995b4a05ad11293ac03db5fe10baf2875076144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e78101be-608f-4288-8c64-9894593f7217",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.179.210.8' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83b50ee0-349c-448b-86b2-33c4204455fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'd89f6bdc59ed5a1ab3c1ecb53c6e571c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--347fba6a-b9e6-4c8d-ab53-57c40a44c4cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '964a9af671fe7fc5f7691270f2ce021a9bb99467']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1542eca-9b22-48d2-8fc0-157f40e4aae0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = '31ad5fa34bee148f6e003da8328e66934e6eb0d0ee013af29094e5da8fabdb54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2943b65-6957-4cf0-9e26-e5ea9f8fbaf2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.230' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1f02b45-c659-44be-8d79-44dda038ac04",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=secondserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eaa303cd-5b60-457c-b562-743c9029b8de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'c30a4809c9a77cfc09314a63f7055bf7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21879a0e-a1c1-4e54-9113-e96703cd501b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '8ee35bd3a782d181ec72a46a5646c3e117561b74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68d923ae-f41d-4479-9bac-0035022e211c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = 'ed61f2ddd11a23999762416cc74dba24df9135164d2ed4767ad6d42f5bf59ba4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62b5798a-3e84-4e81-b06e-ba6d063e956b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.229' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20d07890-c505-4447-af76-b610f10ccaa6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=firstserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e3bd05f8-bba5-49ce-addf-45d2e3f0d0ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = 'bc86a3087f238014b6c3a09c2dc3df42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--420f8d5b-39ca-477d-bbb6-511d6fd943d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = '90dcf1b735dbc0814a6b262b525c98a6368a69de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aac95057-974e-44e5-b561-f3aa71a97393",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = 'ecd7b942937fc7ebdd42c88443599890474fbdfd1eaedd87833ef743f0afedad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48434b6b-e209-4ff0-9301-306c913d5b5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.232' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d784eead-1baa-4d54-8d9c-50b34a66502c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=fourthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1ebf7e1-ac1f-4a31-b7ab-cbbdca248bff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = '3dc6d12c56cc79b0e3e8cd7b8a9c320b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21a3d66b-f1c1-442c-94b7-f74527d4fe36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA1 = 'a7cc6d3bf0d757b60d30247ae044d5b2cf5d4480']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20491d8f-92b8-479c-917c-edcb16feb4fe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.SHA256 = 'bb0d6cef2507ad51d60d8e2d7a55ff008fbbac71b395338d3c57fdd43ec8448e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c2aac4d-ad4b-4d7c-a13c-302704d8c5c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.234' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3b407888-b1cc-45a0-a520-117c737e552d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:name = 'CN=sixthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e414aa1-256d-4e66-a6d4-963f04745e07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:54.000Z",
"modified": "2020-10-29T17:40:54.000Z",
"pattern": "[file:hashes.MD5 = '951e29ee8152c1e7f63e8ccb6b7031c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4c0c916-05ac-4adf-9688-fc0068694699",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '6ba985c0806efa30cd08d63703fea0b7de6ba069']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3576beb-0fc2-48ce-aec1-ef233e592587",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = 'bbb4f4efd5422502419a20d1266bb490cac2ad72e8976a6827dac150e861490d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fce36e00-e6a5-4877-8b9e-0f52c4610d91",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.235' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f8c3803-e15b-4541-aaf3-237498589a0d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=seventhserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aa090680-5312-4729-9e19-c4673f0ac3e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = 'abe1ce0f83459a7fe9c72839fc46330b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1349081-75b8-4190-98e9-96a4f23feb4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = 'fdd928b0c85157f6ba6cfd3368c667fe8e1fb5d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b910fada-d293-4ec4-8fcf-07c8be2584b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '5ed06362012051d4338cf4aead763f2cf73b8ceb6b5818490e039505c37ef563']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cd7d251f-71cf-4f39-91e4-3fb02da79e00",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.236' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--600edddd-a4c4-4425-8b10-64eabfa678b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=eighthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b554dfe6-750f-4531-9b0e-ec1d4a3b9d29",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = 'c7a539cffdd230a4ac9a4754c2c68f12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c14e9b91-097e-4678-b691-26935724db3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '9f0d0fcba3b6587a58e1c234dd8bc415440a5cf7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6454027d-ba56-4ff8-abe4-da29313229f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '026a92b4137193b82ad67cf0d9a7fc5b8946da7916f7d1a8b9f904b1e5ec8109']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d378d31f-9220-4356-9898-ad05baf12e12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.237' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c8e5e92-43f1-4e92-8267-f53b82d518c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=ninethserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c40c2f7-378c-4177-94ff-f62ad8de7fad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '1d1f7bf2c0eec7a3a0221fd473ddbafc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f01f899-9371-4fc1-b898-5e1e89b4b743",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '3792f2728a464f05874899d5a6330bb750054ea9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c652a508-456d-4765-b489-09d76303c69d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = 'd11e1ec2ccb82f591fd7f3d057f1920559ff0f4b8f12c96920c55f917d5a2340']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--81b4883e-afec-4570-8c40-27cebc52835f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.225' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d96f360-7cc4-4d7f-a677-27af5a9f9656",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=seventeenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4cd2da2-3e19-424c-a1f5-108f21a61cb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '6b1e0621f4d891b8575a229384d0732d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b9eba227-b1bb-4ec2-91b7-2f9a16ca6280",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '6122b1f5fd9b21a25bb8167d3fd8ba137fe73424']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15aa62ad-8ce9-487e-b87a-203ee74adef4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = 'd1f5d43cc9223c67e6cad5030f178daeb242cf09ed452e35c0f4cc18885f2823']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0b37616-78ea-4aeb-8238-6afc1c498f2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.227' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b871b0f8-269b-42f2-a748-c830ee321aff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=nineteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8232b2a7-9a90-4383-bfdf-9ce634050600",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '38756ffb8f2962f6071e770637a2d962']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--172deb5a-6f4f-4b7b-8671-1dc8ec712d12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '200331224aaf52ca6f2c5196d4cb65509622fb13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9d6401f0-81a6-4b07-b365-907598d4ab5c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '4f9db8e1d3f1d48c68c609f0c4dfea3057cc763a4563548700e63c64b8ef9e86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4a2682f-390f-400c-a587-a37325329d3d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.242' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee971f0f-21d9-4d8a-a254-c2c3617eaa6d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=thirdservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed6f73f3-80a9-4011-9f16-89722ed1fa53",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '3b911032d08ff4cb156c064bc272d935']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50cec67c-34ef-4df8-9565-886d7e811239",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '0305c923a596bcef4a77d339b0ee2275884bf6c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--086dc1ef-0ddd-43df-ae62-8e413d2fd8b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '5ac4e8321c0afb663d8038281a03274fced1897b95a76685c3af321556442a1c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5328a2f4-77a3-420c-85e3-964501cbacc3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.244' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--84d943e9-df76-4c10-a643-a532665bd8ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=tenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b0d692cf-6806-4bb5-9c2d-1ce7f5b1e2f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = 'a2d9b382fe32b0139197258e3e2925c4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a76c6556-476c-42da-ac46-a3bcd2610729",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '98780351c45ea79aa5c5df18bea0228cb99953c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8401d91e-b9be-4e39-8791-923d9edd28d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '7cb497230d1a533367ad17ca4b4efce35f429c67382bcfa3b4a1f330d932a091']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--62e5f5bd-4cf5-44e3-8d2b-abc5e00d640b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.226' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74ee8895-3b8c-4ce3-ac18-7ca3aa88ed48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=eighteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb349e07-ba85-4379-93f7-2322ebe95692",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '4acbca8efccafd92da9006d0cc91b264']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c59e2d73-fcb8-4be0-b016-ca1f5505cfb0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '71f5e9bfb1e84240422ab4de02ba720d4d27bfa2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e832141-3b17-4ad2-a474-9e0c1d467965",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '5c5c8f0f9d36c7fadb599cac5eeed4dcffc117dfa5f224e36f489af29e138413']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2814d3e3-2a31-4363-a15e-3136e5298e06",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.243' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3fdb6e97-0ad9-4a94-aacb-b4756c70289b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=ninthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3cb1b93-0233-4848-bba0-b27b6e24bdf1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '0760ab4a6ed9a124aabb8c377beead54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3dbd8e81-b482-49e1-a93b-773918382d44",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = 'e9ba8d107eb11c1559e1e0cb8848a3db58a658bc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f166889-7fbf-4faa-9268-204162c20694",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '1c46a92fe32c2440aa5cf5e7f221dfd30c36e7ad8f893f6b0f685c8f463daef0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca421f03-e8ef-4e42-b18b-e41c86670f0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.201' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e171a2de-6a30-44c2-b405-1e4f52fbb290",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=secondservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3afcf257-9bf6-45b5-8a2a-e289e836850f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = 'd8a8d0ad9226e3c968c58b5d2324d899']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21afc526-9a27-4d26-8863-9774bfcf61d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '170a5457a5b9bb0929b057863ca3cfe6af09ead0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb876b7f-b859-4588-9ac9-c22dab97bd76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '09d6520dc9e554a38d8608cc3523f316c01dd152eaa28a715a22c4f29065d9b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--77e08877-57f1-413e-963c-f813c56346eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.202' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a837a6d8-62d2-4790-968d-07bff0c289a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '0d3b79158ceee5b6ce859bb3fc501b02']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4b5aa2b5-419f-4775-b0ab-425baed55b36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '85c8981c67ac70c12736d9ff58c073ccfc4d8356']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2211725e-214f-4f02-a7f3-69e58b750265",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '395ee531bf5c1790d1484df5505431a74073cab00d642cece309ec8bcaaa9ec8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--302c902c-dab8-44e0-ac06-ad499096f488",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.220' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59135b56-f5e3-4c2e-a118-c088f6ee4efb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=fourservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2e48d5b-d875-47ca-9d16-4a687572ddc1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '831e0445ea580091275b7020f2153b08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--45651cbf-48c5-4674-97f1-d7af1e109f90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = 'b967639413cf2be482fb4a3384634f7114f21628']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6416f2bc-b14d-4e89-ba06-78f4e26e6769",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '353e073a7b77cbbecd06568308ac9b38a449e1151397d77011e00557fd4b7f80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7a91e9fb-ae5a-4980-ae29-a8ecbe42c0ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 80",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.246.67.70' AND network-traffic:dst_port = '80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7cbbc8ca-3ebc-4fbb-b0a8-f49b0b76d17c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '165.227.196.0' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee2ba1c9-dc6e-41e3-a0b3-3384b7946211",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=twentiethservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f94ccf0-0841-444b-a00d-5f9773af62a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '977b4abc6307a9b3732229d4d8e2c277']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3496b920-839f-4ccc-a12b-6cdd666b88ad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '5c22876d3293b96fb2111b33107506cc5bf26e94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac010bf3-ae8e-4c6b-9b1b-3ecedccc1308",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = 'c8f0c12ec149707de1caae8590894fec98ad1103c63d1c51e0ed9c3812f1248a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d552827a-80c9-426b-a8ec-366d41435573",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.91' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddb8f045-4a2d-4e0d-9da6-0bb5ac4fd5de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=thirdservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c378136-6954-417d-8035-5265a4140942",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = 'edc2680e3797e11e93573e523bae7265']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8741e161-10a5-4163-8f05-b0411f0d5243",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = 'ae29d540e40c889c11e996c626045c79ff1d58cd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3186fb0-63da-4f0d-a913-a95992da6942",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA256 = '7b9840afd5826086e9b50b799ec2f559c2d6b6e3450a54293d5299905ef5b3c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86c48ffd-40d2-467d-a1f0-760bd82f6c0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.219' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ccb2f28-3a74-47d3-9c76-b13660b2a96d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:name = 'CN=firstservisehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74ad0d72-7134-4c67-9018-627ef8f98a95",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.MD5 = '6b444a2cd3e12d4c3feadec43a30c4d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f53eff93-50ae-44a2-b53d-18bed1fdc8de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:55.000Z",
"modified": "2020-10-29T17:40:55.000Z",
"pattern": "[file:hashes.SHA1 = '11fe8a3e5922e574ba82b5474142dfff9079f6e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3a4b4445-4af6-47bf-9624-08827bf1bff5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '9dc3a97e0f86677bdf7c6acedd74e232d5acdb7bafbfb9f28d713a4d4717c5be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--733bc930-b76d-43a2-89e7-edd4a19e5101",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.93' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c9b3759-3df1-4afc-957a-b2a09cd6ccd2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=fifthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--587df44c-b5d1-4c33-a1c4-4cc8828aabeb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '60e7500c809f12fe6be5681bd41a0eda']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f83cc9d8-5879-4014-9af3-31a968c78ddb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '9be40f49f6760e8d8dbd73158bf1bb5065f565b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--473cd2f9-013a-49eb-a1a4-c6b68ba772ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '7f9b9d03af249b9d849aacef60f1cfa544d2b5cd8a45a48a9c87c5a00ada2533']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5d3769ea-64c9-4e76-9a7d-5867eea9ad07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.90' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1b69c60-6b92-4f93-bf3d-b0565450b537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=secondservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcc4282c-f545-46ce-91e7-a0701aaad220",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = 'de9460bd6b1badb7d8314a381d143906']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ded8e33b-23b0-40ec-b7f6-05ec5447f279",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '848d9ba856ea343812e81aae4a956a680b25ca51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac2d291f-e1e4-448d-9598-db2d8b428da2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '196d386180df255311be789f449649297b85ae7943d09d226705d1332dea05b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c70cf32c-6fec-422f-a160-2b8acea21b21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.84' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2be0c536-4e66-4116-90de-fb3c001bf569",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=firstservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--698671e5-cde5-4a57-8526-a6ed81266fe7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '6385acd425e68e1d3fce3803f8ae06be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a057bc41-7970-44de-bdf3-193b6c7ed8a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '4e72c8036313e812428b0e5978d48e5821d2e60b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68933312-5b81-4ae7-b919-bce2746dffd2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'f00856f25467e320c5883486cdbf53848818cc270648cabc41760f77357f98bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddc665d0-657a-4fd3-a891-e54895a50a9b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.96' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b73bf60d-cfb6-4fdb-a1ff-4f64d3a66f04",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=eithtservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4fc3b56f-ca3b-4478-84a5-d4b9125b29cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = 'e1d1fb4a6f09fb54e09fb27167028303']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b196fe50-f418-413a-a3bc-0a8b5878fc90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = 'e5c1db89d5f685b79cea43ac4bd22e25b0446723']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--350d919a-9076-4ad7-828c-48e21ee0fcb4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '4a8b83a91e53fa0acc65cc19433bfe36fd685776bbacdefb15f55affde3005f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f4e4c66-7cc5-45e2-8b9d-2d4b3f175d6d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.92' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3e01d3d-5e49-43f1-bc29-8d4f92172ca9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=fourthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2921469a-a596-4c19-9afb-ba01f259ca3a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '5b5375bf30aedfa3a44d758fe42fccba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fea09baa-7610-466e-b6fc-ee047df20974",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '95674988186e8a8929b56e783976c66bf30cb93a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--894d61ab-2195-4899-87aa-8cc5150f9fe7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '31413afff6b201aa678484780dea0fc3e8ae9e38ad82297c7577e579a447bcc8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c52145f-e906-473b-96df-43108436d781",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.94' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed4310dc-5dfc-41b9-81fa-f86f385bd88b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=sixthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a277ee67-b7d8-402c-944f-4dc70b86fa15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '4d42bea1bfc7f1499e469e85cf75912c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e45c88c3-8f07-4e8a-a9b0-73d309f9e0c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = 'aff04c3420d065b9ae3d4edaa9afcfc599c899df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe48f2f9-4faa-484a-ac9c-5b86656571ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'e4f95e5f4f696b266291ab3e285eebb2492d6d047877018465b32fb82752eab1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab1c739c-6e78-4b37-b169-a10ce9804c7e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.61.209.121' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--307c2195-25f6-4f45-b181-89fc0619483a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=service-booster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e8912df-edcc-40ff-b9f0-0e119ab377a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '692ed54fb1fb189c36d2f1674db47e45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--713cb9c9-7bf2-49c3-9ee4-d50feafae848",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '8e38a8bbfddebb0203a3ec6b58c352d8c29be891']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea76ddfa-5e8b-49c0-a881-b7d01ac20431",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'df37e083f15d996d244ffb945c166a7198e246952fca4c069628e33d84cd9aea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f2143c37-3351-4b31-bf26-72fc4ceaeb23",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.122.116.114' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fde4ef0b-1a7b-43c1-9aa6-70a46e7f2bfc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=service-helpes.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--85ef4294-842e-489b-987e-5a032766da5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = 'ad0914f72f1716d810e7bd8a67c12a71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--152c1e59-acf5-46b9-8490-bf49b41efc87",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '1302395c401b35c5e483e24c33d0e1577f0fac58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--026eaf49-3c28-4d5b-a270-4e5320b48416",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'd909c081f1885f03bfc578cdfd5dbc11dfc374e5178b2ba0e4552dc4217b81bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be9e967c-dc79-4606-8693-271a319236cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.97.130.197' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f12ef88-f07e-40ff-84e1-6050305f6171",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=helpforyourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19042820-e197-4ba5-b8da-727d0d074bc8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '00fe3cc532f876c7505ddbf5625de404']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--208482bb-ce1d-49fe-9af4-6410dd96a240",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '9c4cbf168e6ef3d37ff30e9148de0364d92268dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05eb9e68-f2e2-4725-aee5-9d0efa67a279",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'cf2ee926b0e4736a507dd650c3c76a9edab561438936434501f4f687a77761a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9dac58ff-0807-4fb7-bbf9-7802b84ea89b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.241.143.121' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c7d82b6a-022c-411b-8ef9-e42f40426a28",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=serviceshelps.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee15dcd9-b6e0-4ee3-b94a-5bd92133c505",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = 'e50998208071b4e5a70110b141542747']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c423bac-1283-4819-b7d9-cbca648a8a02",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '7f251bd73a416d1a92cb6a3c6e2de0cac5350d45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b4e2e224-2077-4b52-bc27-8f2a2a7a8a72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'd39a87ff39ae5f0efe9d03c53827b4c9a5c8d5269dec42433c8a1064a3890b8a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bdb6b0b8-c674-427c-9d7f-5ba5c32bdd37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.95' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34e88eb7-9f8b-4b47-a393-2d2ad3c8e170",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=seventhservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e70f889-b43a-4644-844c-755e3199b218",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '413ca4fa49c3eb6eef0a6cbc8cac2a71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0a30425-8e95-456d-9835-5e20e748a222",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = 'ef288bad2e19d041170cbe9f886810c64811c233']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cab08b3f-f45d-463b-8212-197d44723838",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = '9a5c541d1a20eba5944401942ba7f93c4010ad5e6c71ebf1b37cbb6d26a83e65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55cd62fb-6581-4649-a4bc-1789c019ad2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.211.116.199' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0591319a-6e77-443d-973c-027e21218952",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=actionshunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9eaba568-f7c2-4059-81ca-7e126a498847",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = '8e5bedbe832d374b565857cce294f061']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e0d5747e-bc4c-415a-8611-cdee019d698b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = '58baaf1b4e739d7b7dba47253c1ce6044c9037ac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4479be88-94b0-4586-9c93-e6af5165fbc6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'c9bdea0e979bddebc93b99a0e5f374c7cc49e595d77ea19b4497ecaa4cd84812']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be321e84-b2ea-4d14-bd02-8109887c7c93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.155' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe03bc12-3daf-4e95-a20b-84e6c25c4510",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:name = 'CN=sexyservicee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a9647c6-5790-4194-8ee1-b520fdfdaa7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.MD5 = 'cca37e58b23de9a1db9c3863fe2cd57c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e7d8687f-0730-4e07-9462-b24208b2db5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA1 = 'ebbf885ae58aa577c47ed8a76e8a1d27ef0fe9b2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--666d1496-2245-4e3e-9feb-8fa6b5a3206c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:56.000Z",
"modified": "2020-10-29T17:40:56.000Z",
"pattern": "[file:hashes.SHA256 = 'd7eecd89833760a8e212a26d3a4440d48658f51371ee8aafa6d9496210c035f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e780e445-f947-4d20-9292-e894c1844820",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.239' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--572eaf39-770e-4120-9256-fc753cbe9864",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=eleventhserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9643a604-36a6-40f4-a0ee-14a5439a00e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '7e0fcb78055f0eb12bc8417a6933068d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--066d55e2-6764-4f0d-9adf-1de9c49aa858",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'b6e561e9336265ce7999496e645e411c1cf6d32a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed3384f6-bab8-4dfd-a213-861b7f176226",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'e7ee39057173408d32ad678a9bbe1285841fcc07462ea4ea635193976166e4ef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db8f2194-fa1e-48ee-81c9-48e9a79838cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.206' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c13a00d2-a310-45e5-a66f-dbc7befc810b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=servicedhunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b5e2de49-2fdd-4f98-b99a-c0ad35ab3d80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'fdefb427dcf3f0257ddc53409ff71d22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ae811ff-4933-47f9-baa6-9776165817e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '3484cb2df365360595990209bff18cafdd2f88b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f3641d0-a7b6-4730-9602-0a49ed953352",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'ca34ed4ffc9de2c14ce6e2fc5f5a117423d715280249078aaf93119e072d84ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55580574-048a-4168-8edf-077f07e8a480",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=service-updateer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9d8652ec-bcba-4e27-8eea-85a5f630aad7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '51ba9c03eac37751fe06b7539964e3de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5078f0c1-049f-4816-a534-5ad961be2101",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '7bd69f9b20fead1715424f2a41570cbb202987a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a72e328d-63c7-495e-ab99-ece920bdf926",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'f9e9d1e53371510e0510f1d166df989e37ca9d67d0551fb2789b276a1b3da04f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--67fa12d1-d4c9-4132-ae96-7d718e396c1c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.122.116.59' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ccb3b387-7736-4922-ac39-a70bc7dc9cec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=servicedbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c3c5be82-7e3c-438e-9000-5b91761c2bdb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'db7797a20a5a491fb7ad0d4c84acd7e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0075caf0-ebda-4923-96e5-22804e87910c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '3cdd7ff2efb830024b9cde8dbd480dd90ce74e28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e57f51fd-801b-4a1b-b108-c958c9bb4b79",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'eb083bfd99cfa4c2c9feccbaaadb1415a75046269360ede0f9f15849d2184e0c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--881a4e98-9532-4396-b604-c3a23ebfa15c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.122.118.46' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d7ae4ff-52c0-4875-bd10-43d4a2ee89fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=servicedpower.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01865e78-8165-45af-a0d4-7762c04d9493",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '7b57879bded28d0447eea28bacc79fb5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--687ba8a1-e2d4-4d76-8c96-99bd7d3f936e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '4014f28e2ad10e0703894a713f37759c7e11d12e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e632650-d38e-433b-8e26-063665b30b7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'cb31b3b68a9621c23a5c9a9ae60ee37df2c85e05de4bda627ff7c200403d4cd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cea92d2c-a9b1-454b-8ac7-98eb23291062",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.122.124.26' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--986b9866-d5aa-4bb9-85d7-668df0b077d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=serviceboostnumberone.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbc00d31-6b61-4fd7-aed1-cbcd99b9cece",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '880982d4781a1917649ce0bb6b0d9522']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9d44ba55-0492-4d82-b6f0-04bf9f3234a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'de2e4fae773052383e0d05ff8a2a5efb436d7d3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3507944a-39f2-4e7c-80ca-1083b2eccf10",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '3f79071f197133614fa796d44ba9322c1b2f847166c1986fe2bea5304c107f3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b3cf645-b14a-499a-8db9-78776594170e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.97' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1dffec0-e1df-4b75-ae88-c82c35c2ee59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=ninethservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1e3f983f-5874-4a18-9351-18b54ef42357",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'e4a720edfcc7467741c582cb039f20e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e46d3f02-85ce-4c24-8fc2-041de8af91ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'de321d8e683f0b11ff37073331a2aee5859ff518']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9dc16b9f-4fec-4372-87c4-08c5401a8e3f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'fd0b15acc21b2fa372a9ded83f2ce7dd1519db53335d3db7ae975a2ab4861f4e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--568d3120-64de-4a58-82b3-5a68bed9a23b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.62.247.205' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ddea9843-601e-4bd4-9977-be803030a7fe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=top-serviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--456c8d52-ab10-4dd1-bf3d-4573e68d746a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'a45522bd0a26e07ed18787c739179ccb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b83f751b-cc1d-4ac2-b90c-59b3933d8eaf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '1cb308247b0c9acd8b85a551f068dba57f43003c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed0b79d9-ecec-4132-aef9-07c8a0b30eb1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '22049b5e5a7f8cd603b034f2dac43ea51df6455ec6e7a19ff82819dc735b59a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c498f4c-69d8-41fa-8c8c-6fee7cf40df5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.203.36.61' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f6937c45-b573-44db-8833-7a952e6a2e33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=yourserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--303fc7a1-dda1-4516-936e-aaf2a2822696",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '7b422c90dc85ce261c0a69ba70d8f6b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eedbe759-528e-47f2-9d89-7ef0dc8ee902",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '4aca11453ea2cb8025e7e1b0b43490edea5be848']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03c1a3d1-c5aa-4563-807e-8e8105cffae4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'e588cd6a13ff837b8131b452fddecbc9c8b5c9e1910ed8ff83d15731557f89f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8fbbda04-8316-496a-9362-dbae8748ea3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.122.20.117' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c09c542b-3e81-4541-ab04-8fbc53926e62",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=fifthserviceupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e3fe3de6-06db-417d-81b6-da3ff0a74cdc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '99aa16d7fc34cdcc7dfceab46e990f44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bc17340-f718-42e2-8a79-1764aa316451",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'a53905596113b7034057c63471ccaf1cc73aca4a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c00b409-bba0-40a8-bfd1-9a6c17f9d7c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '0ec1a43076685564484b38506263640e3a213338db2604a57792a2a3f8e42b56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--862a634f-835a-402e-85ce-e4599dc9ad24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '165.22.125.178' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1963abec-56ad-4bf1-89ed-b5db12780f0d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=servicemonsterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3910ccdd-c2fc-46e1-9203-90d5909f9861",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '82abfd5b55e14441997d47aee4201f6d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50bb85b0-00d9-427a-bd4a-f63b3e97a063",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '7fac10cd2c2ea8ef8a57e929501e56c9abdcbae2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42332cb6-3ae2-42a4-8eb4-79cb7ff45a68",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'd2e503b1c92b9b1c0e6cefa55b08157676ddddb888bc1b2b3511c8c2800d907b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f67a507-f780-48c5-a44a-87380eb4e1ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.55.60.140' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23f520bc-ff8e-4500-bca1-c7011fadbcdd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=boostyourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7173beb-3eb0-4cb6-a4bd-d3a6e61b23d6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '7f3787bf42f11da321461e6db7f295d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91483c54-d8e3-402b-8246-45a9960ebbdb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'a6d1fd88257c51bd2c129a76343d1155390fd069']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87fe0685-f7b9-4d46-bf31-c4169cb48f94",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'f9a24c855d8d30f2e711497c5d11d646e6ec0de85eb323f19c373ac9d36ef391']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fe25635-fa8f-41e0-a63e-a533a43bc451",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.141.86.98' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec39c56b-c05f-44a6-9d15-a8ff1d2df2df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=tenthservice-developer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad4177d5-91b5-44bc-91b3-ea53c1695019",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'eef29bcbcba1ce089a50aefbbb909203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb7ae905-035f-4878-a670-3be89b2607e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = 'c545cf69299c116e897b5cdc888feaad833a4df2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12f0b506-713c-4b09-b413-45f11a9e5fe7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'd4365e2bfc72e6eb1a2183569d2562f71858b87d41e2c1649cff03d0cba13f4f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3f924f5e-0265-4d09-b767-2778d8982e3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.79.132.82' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e9aa384-5588-4775-8dc4-679a8a19cf91",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=developmasters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42ec078c-251e-42df-8273-d8ce6d17e712",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '5cf480eba910a625e5e52e879ac5aecb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cf6960f5-3dba-4e03-89ac-97fe6841b62a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '0fefff7692342dca99c95c36e369a3835694497f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9311857f-a29d-4c9a-9803-d36b5f63600e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '31f6977f48f522d1d935ca1c1d84d701515646c9c054f0ba7f33d0a065f4972f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fbe62ddd-be4f-489b-ac56-e3dbea3d0889",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.26.29.247' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b85591ce-b5b6-424e-a011-d63b7b6a7e48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=thirteenthservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c09f4a84-0d09-47e6-9748-f56966476659",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '2486df3869c16c0d9c23a83cd61620c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--49b75c88-d07f-4cdf-bb2f-bce532204c24",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '10b8427b7b585e4498eac8a7a79677f75e459041']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--623b80e5-857f-46f7-9fc8-20ce164fdda6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = 'd873c8a307303406582f918c5623a57ef1095896ef8a5b864d9df623c98ce1d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--086f43a9-9598-47c5-b296-63d283f37963",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.65.216.127' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b03e9d5-6ff3-48db-8de5-f9b9e1bf920e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=info-develop.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48e10d2a-4cba-4634-beba-f5fe783da9b0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = '5f7a5fb72c6689934cc5d9c9a681506b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--befcf080-d92c-4cc8-aef2-1337b22f9349",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '31a42d1eff743c09b7a85dea35698cd7a3b75915']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--00b13b76-57b2-4dce-9121-7eeb33a84b2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '3c5627220ff714a53a38962c6fb046bb1b0df193b4ffb0e8612a9fb9ed7accf2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b275d503-c5ed-4219-98d7-3e01365d48df",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.38.155' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cc27c398-a9ad-4ac0-9dd6-fdc90ff57c46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:name = 'CN=gtrsqer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0b9955ac-f3c7-439e-8493-1ffe1abb098a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.MD5 = 'd37ba4a4b1885e96ff54d1f139bf3f47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1abce5de-180d-4245-93eb-59b2c9b28d5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA1 = '5a70f18b547e0824e791c7ad99bc5520e369c90d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a020f422-27bd-4a96-970a-60707af247b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"pattern": "[file:hashes.SHA256 = '931f03baa30a7e07dc130f53a2a1e925b6b081e69a7c8de7b3a117639433cbd3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--49499f4e-74fe-45a5-9b3f-d24d44e3e969",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:57.000Z",
"modified": "2020-10-29T17:40:57.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.9.225.144' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9f9886e-a0b3-4199-97ad-b717de4179e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=hakunaman.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9c31a392-4efa-4b99-9a9e-f3ef06891d96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '4408ba9d63917446b31a0330c613843d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a4fa8f9-03b8-4952-9a21-82eebb35a7f4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '87266a8de7add18e4b061029552ae9bf5a34aa88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e1c2077-e9ef-4df5-a660-f984e0234ef6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '6768d54a8de271ed2bbcfe6519717ef72e7d78be87570b76bfa159b97a4646b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23020bf9-fbd8-4b83-a144-bfd92f4f6be2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.9.209.216' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9a9cfe8-7753-4923-8724-18547c98c369",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=caonimas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ea5aeb4-27d3-4085-a30c-6c16f3c11ca3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'd921dd1ba03aaf37d5011020577e8147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1f45206-287c-43b7-a514-94843acac0dd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '5646eee066ae74272c2f495292ec056d407e2a4c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--661c040c-ed6e-4a3c-a8b7-552b478817e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '13a03d22dcbcb90adf5158b2a5c9c694e080d2f9510063f1b3770312992dc58f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--515d7c18-98a1-43c1-8c71-43504c07bdbe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.176' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f76cbe8-9ad7-4bf6-8aab-9592a4986c60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=chalengges.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6fb9658b-1093-46eb-bcc5-cb1bf418b6c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'dfeb6959b62aff0b93ca20fd40ef01a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e53e0e-d10a-4710-a693-009b93c78f16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '952875e8dd1887c43ed834f44181cbc6f1ff5608']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f63ce578-d2a4-4325-945a-d15afd8692ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '374fca70315cce164eab45140973881019ec54882d8142b59b9a4803561d7de5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d466c468-e3bd-4830-979c-a6f3da97abb8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.9.225.143' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1cfc0d11-4015-40eb-93c8-40bf4d99f9f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=reginds.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c85227c4-75c7-48ac-a464-0b149988bc70",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '05c03b62dea6ec06006e57fd0a6ba22e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5994d579-81d5-4a42-bf52-485aa4dc777f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'fe35ac015239384d55a6538ed54bc3fe52e1e60d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38a3062c-4cb2-446c-9f6b-32f7a363bd82",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '3f6a80c0bdbcd18b32733f01b4ecc194d1239c7e2c96732f7a2559f470d34df6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e973015f-b916-4ff5-8622-8f58cf8cbd14",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.38.156' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e03a72c1-fe7e-4138-ba55-a350846bd805",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=errvghu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--414f8925-abae-4f37-aa3c-58e7f3a9e73b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'c14a892f8203a04c7e3298edfc59363a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f8150826-6529-435b-a385-d5ac0de3d030",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'f01101625a8ce165ef52230ce6232066c5c93f9e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aecbb46b-af1c-4b6e-9559-37b291a65eeb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'aa4d6ab28e11b508d899c11c417678017a355e563ca2869dc5ba306ca8257f7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69f2a674-238e-4210-a0c8-d90ed759bb5c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.229' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f7e6fb98-6c84-42a6-ab6c-07467dee9595",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=harddagger.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f8596f0-5b42-443f-adcb-775fb04cdcd5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '7ed16732ec21fb3ec16dbb8df0aa2250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e215ff8f-fdd1-4748-baf7-9778ea21c70d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '321833abdcc08ed393b589b1404065dcae4683d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--514af8a4-d87e-48ed-a4a7-858fea4fd05b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'ac29dee3554729861ac30308c8767b08256a1f32333cbbe7dedd06152d8fd9c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b1ef17b-dbfc-49c9-88ef-0076a1caaafc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.226' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f7036dc-2f94-4bdf-90a5-4c757d7160e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=getinformationss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f30dbb0-702e-4467-a4fe-30d35da263f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '1788068aff203fa9c51d85bf32048b9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2f03e39-5d7b-436a-89ed-dd580bb40261",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '7d74898dd525aad9ce90e9ffb80c1f85d68a7091']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--93c29c23-17c3-4ee2-97a2-fbd4c8ebc12a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'd68822f4ab1a7f343d52489ae80cadc1cd83539c7fed23f33ed39a5f94ffa536']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--580b43e3-5529-4997-a017-5defc7746f90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.225' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--99bbe2ba-f6ea-4401-89ef-4b54816528db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=gameleaderr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8c307bd-cca0-4e76-ba40-76ddb805da5c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '0fff2f721ad23648175d081672e77df4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--33842538-7113-4454-a842-8e32efcb83cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '71a5f31e80cab1a5040da3cafdbb5b71b8ea8922']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d56209c3-5f16-444b-b86f-d753792c6327",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'b1f6b17fbdaf46723551d443681e9122b09ec2f0f8600e581e4fecb6033b3298']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--628e6552-f101-4ce8-8b91-fb40e60dad25",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.185' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03e5a8c7-2615-436b-8235-87de98266227",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=razorses.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--74e15372-686e-4231-8dfa-6a8fa6f8921e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'b960355ba112136f93798bf85e6392bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--239351df-02bd-4458-bd45-4bffce197635",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '248e9b33fac5937abe69312c7e8f641837cd3672']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2bbc15e2-2dcc-4bbc-ba3e-ac57ac49c80f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'af794805f6af2206b5bcdfffc86c54a5f1717ad93f0a44da4f87a87a719e2d85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53f7fd8b-2478-45ed-b56b-3fe7046bd550",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.183' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc091243-be49-4088-b285-2e26644776d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=nomadfunclub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2a93443-61ba-400e-a963-6236d47a4bc8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'a3d4e6d1f361d9c335effdbd33d12e79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e842a429-cbbf-4044-a955-deb5194fc964",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'e2132ca429aef3fa351fe15b2c257657375bdc35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4fe4fb36-1361-415b-9f54-c2ec00465547",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'a331a499d45fd5424c9ebc95229e0becee3cbb6b46a95cdba67b0ef2c7d7f69c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0ed4f387-d295-46ee-96a6-26163e56a6bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.175' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c6ebcfd-ad22-4f9d-86b2-4235b72b74cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=bouths.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdb0d4fc-d109-4436-8505-43138a798732",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'e13fbdff954f652f14faf11b735c0ef8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d91b537-64d0-436d-b13d-cb6848f00c2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '3bd508d74b240e3b5c27975cef1a57e607e7f094']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ba3e34-cf13-4f86-b248-d8149e41953f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '0b9cd8f486dfc94feed71be0d30561adc40d7d7f2d9609fd258c6ce7bb15da09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dc8e189d-55dd-4be3-b8a8-2fe2f53c27a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.184.223.194' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80a849ad-2185-4477-a80c-d7e08d8c3bca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=regbed.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4dc42fc-59a0-4ec1-8ba8-f7c595846e9e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = '67310b30bada4f77f8f336438890d8f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dadf2647-a15b-4a46-8569-5c05da781b4f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'f7acd5fcee54ed881ba4137ecc4b6f51237536b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15e196fd-2148-4907-b0d4-2c58ab57610b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '3664508b9ef4fbf8e2f5e0c2a125b7576f307029960be28f78b5322ea17286e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a8a3da68-5e7e-4458-a447-c1e90c39e121",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.70.236.134' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9dcbace-8121-4b57-b231-0cf9c2aae6d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=vnuret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c39e3a99-3a7b-49b8-a793-b57c6f58bf5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'ae74cbb9838688363b7928b06963c40a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55e45809-c9ab-4ded-9eac-aff00402bce0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'e79668f5841c0bb454fa46857f0747e4f08ad62d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b818f2c9-d8f3-40e1-ab62-0008dac14773",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '768182aae020e240a5ccf9c938807ea272c8c532c653253fa8e3bf25a52027a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ca1ead5-57e9-450d-805b-2f27d7e1881d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.44.131.103' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8eb11483-00f0-4da1-9513-59d90716862a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=serviceswork.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e109a3ed-241c-4d0d-8a62-55a0cdaec442",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'af518cc031807f43d646dc508685bcd3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--72c1f242-1711-4a64-9eb8-11f98efbd3d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = '80987eb71f88e6e2cc91ed13a38ae56fdb4eb2e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--010ea11a-be8a-4d18-87df-83c8f9eba27a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = '134fcd1e66219839a9cfeeda3ef03e1f7bc75bf89884accaa2de35cc60cb35f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c51cea73-1779-4b29-a38b-15b41af58928",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.38.157' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dd6fd346-ea42-46cc-8b8f-df9722f673a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:name = 'CN=moonshardd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a0d3674-f031-4c09-ae42-eea3c135b299",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.MD5 = 'c8fd81d6d3c8cbb8256c470a613a7c7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59094cf2-fed4-49b5-9b75-c13920bc478e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA1 = 'd281ff15fb8e3905e0721ef597834251532d32c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd21f8c7-47de-4554-8db4-2f2f8419cdcb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"pattern": "[file:hashes.SHA256 = 'c69b94254d0f0e167beaaa6f83cd60aed8cd7c041056310eb20acdba7bcdc634']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--278af0b2-7880-446d-b4c0-6f0f47981885",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:58.000Z",
"modified": "2020-10-29T17:40:58.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.142.58.129' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60951b9d-58d5-4d67-98dc-419d52e73fb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=zapored.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d91d1a87-9c65-4eb5-871a-350e88d48c67",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '5a22c3c8a0ed6482cad0e2b867c4c10c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--942994e9-2837-4838-a351-6d2498060da6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '8f5eefa6274888757db9e3df64c0f58d44d11b72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ce6eacf-36a3-4cee-b428-e2239337a261",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'c1e985ae6a4c689dce8314fe4dfa4b8a64ab71a78afd65927e2184c920b47d87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1568b954-f3a4-41ed-a269-05c9c3115847",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.223' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90911197-b866-47c8-b81b-c91aef1e1f4e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=hurrypotter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9749630-6f3d-40d1-9595-c432426dd72e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'bf598ba46f47919c264514f10ce80e34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b4d7ba7-0871-4992-b33d-fcea9c3d5706",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'eac1357a85aeaf5317a59b37988ff8da4bdf7c7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ff6bcfe-d157-49d4-9e0c-5d099e81a4e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = '222c65d6214b8aa693aca5f0dbff4393211c5bdb26469fe013c6b8b37d955895']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a10c686e-b98e-4a85-9571-44b567cf1265",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.179' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a1ca0093-0776-4457-8df5-215d6e3d13b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=biliyilish.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15c67482-f1dd-45f4-9995-09898ed3c99c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '1c8243e2787421373efcf98fc0975031']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a749948-423a-4902-bcde-34c92a592824",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '24166dbbb60e838b2be0d4067c37e90609b2f81e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21b7e0f5-176d-416f-88b0-d6f3f23eea78",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'c20ff644e61e0d0c5cd6b3a06e719142134a87c591156b8137c55b136ec241eb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c7a6911-cd29-43c2-9f6f-836486fb6e13",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.222' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--424b514a-4d46-40e6-8ecf-e53ed1b7c4ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=daggerclip.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--142fccd8-a0c3-4307-b02e-2e0859a959d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '576d65a68900b270155c2015ac4788bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da02a56b-d3a7-4ca4-ba43-6225c3d92b7e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '4850ebcd907367c9ee7133a2c993b3b7c9861816']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41b2d544-9a25-46d2-945a-4086ac6efa91",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = '4bcf0bae658af0c1600f8a46336997539fa731faf49471babe36f47fb114c0c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f522586-9b0b-4f8c-afbb-0d7bb4d71013",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.180' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9ec2424-c3f5-432e-a23d-41db0e1a3612",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=blackhoall.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed18315d-0b5d-41f8-8024-0c28b0bd31c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '69643e9b1528efc6ec9037b60498b94c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e83c02e6-80d7-46a6-bb46-ef4bfae477a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'd7c0dbd92b64e88b9ea3920236ed8647fb69d090']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad3ae248-415f-44c5-bb5d-dcb652f12581",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = '9292a9a0b4c189b2cdedd171a378df59f79a68845cbb7d2aa558aae307728133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d10fe2c4-aee3-4c65-9643-2513abce26fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.182' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a53d3ce9-85b1-4c64-9e08-3274926af67d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=checkhunterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a773668-2d2e-42eb-a846-459b94c819a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'ca9b7e2fcfd35f19917184ad2f5e1ad3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--94f2bce0-a4a9-48b1-9766-ac8e929c50c2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '61814ecce812af2ab2721a4e3aa29f6f4007e049']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a79bcf27-4361-4301-ab7a-d9c3f6886dee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'e2b5b101bb859da70976a0e0cebefe0fef7661468d557dd12a89bc0c4b1326b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c88e77d8-750d-45df-9219-9d5fcb344001",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.34.6.221' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a16e084d-69a5-4b8a-af28-3242a219814f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=check4list.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5018dd72-a0d6-4e0b-8ecb-cc786d9431ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'e5e0f017b00af6f020a28b101a136bad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8090d0d-6b8d-4f4f-9398-6e6ea5bf323d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '27671b2a86f211ce561447e25a9f4995a4d5996e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--77926f10-6d14-47df-9239-30882fdaadcc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = '812ec11429f518e8acd19e01ba7a4ea3fc04659d04208725cd7ab60283ce0aa7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c66ec28-d3ac-4f41-887d-8d95d959839d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.244.62' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1410a39b-b8b2-48fe-9a64-1791c77826e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=ayiyas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0dc76a9b-5449-4135-8ee1-8b71f76ba192",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '8367a1407ae999644f25f665320a3899']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8cccb91f-6340-4e21-94c6-6314d59d1892",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '5bd0b15876004ce7af2218d46c86b8956638f279']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c887a69-301c-4598-a986-b99e854f11e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'a80e9ee2fef673d2b0a861f6146c0b1621bfaecd969b4bfa529053c1888c71b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4b1edf04-c147-45c8-91fe-b608b0576847",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.25.50.167' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1603b793-854c-49b0-bf22-a9c1d129afb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=chainnss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f006e272-c0c2-4834-8fa7-f23e467e760f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '34a78f1233e53010d29f2a4fa944c877']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0df6cea0-6cee-4640-9fea-ca165c2c3464",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'cb118484346b3268a16e58fb3b7da385bf0863d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db26b29b-46b5-4ede-a827-30df27676f46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'ef0c51547367d21d4d3c255976be08c127c80c8ac542ab1a3b005fd9ef1f6454']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2233fc39-2d52-4b76-b4af-f70ef20eda60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.75' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7aa0b1c-597a-427e-872c-2945310a7c36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=martahzz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce2c8cc4-9402-4e68-93bb-68c8e27a4118",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'eaebbe5a3e3ea1d5992a4dfd4af7a749']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--832a24c1-de3c-40f8-b244-e3cd5ad38817",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'ee92916b7e31852265eb1611c48f0a75c9051d4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ad4e1dd-7dba-419a-b98c-b1a8c67051d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'aa82203d08e8c4268aea33a0130691c46d6b877bac150cf89940031b8e30c297']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4b6e869b-443f-4e8b-acaf-eb22b33f5178",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.74' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17caff3c-6246-408e-b1c1-54b6bdd3a979",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=jonsonsbabyy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fec03c15-542c-4c74-af45-f326c770a6d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'adc8cd1285b7ae62045479ed39aa37f5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6deb89bf-d428-4fc9-a0ef-bc2dcb88f4e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'c8870ae156e2365cbe233e0762e3d63650aca3e3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78379b8e-7895-42ea-8197-a8de8ad06660",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = '3da68b366ee4013d48c0b2e5712aa208970a92be918198950c1a5a6223b6c219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e7cf4e2c-08a9-44db-9f9f-e509712aa7e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.55' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3c74a814-4db5-4b77-87f9-f056d4dbbbbd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=tiancaii.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ae5cf6a-df99-453c-ae46-8142abbbe3ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'bfe1fd16cd4169076f3fbaab5afcbe12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2d35926-7cdc-40c9-bff9-2928941af9be",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'f2b7653b132d60b7b2f9e461b6f1e60426af85fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d8e7ade4-2507-4069-bf00-1e360f176d7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'd3f586b4e077e7d7b7abc0b287d1868c45d3bb51e59d9b672815131360787033']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe745970-772a-4e28-9004-d03b4a31c67d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.67' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59494401-004c-4805-a6b4-d15efc3c6c74",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=cantliee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2ba599e-07b7-4463-b541-516a2ae7fcd2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = 'c8a623eb355d172fc3e083763934a7f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2460711b-3126-4a43-a42b-6abd08582509",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = 'd9c47cbae48e0edb64272e0a3a434c15b15b5dde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--137e47ee-b6cf-42bb-90e1-a8a99d10a92d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'dbf0a3b9b9b2a6b8b616574e40f29ad2a0e73ee40acdddd8db8c94f8e75b8d8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86bc91a3-4c10-4178-aed4-61d930fc9cf9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.76' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--691c52f9-0fd6-4a73-ae40-aa868f40546b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=realgamess.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ff9b4a2-a9cf-45c9-b0c2-933c1c009076",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '0ac5659596008e64d4d0d90dfb6abe7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f886bce4-eacb-4e99-85de-8ebe88c38c2f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA1 = '4b240764f897fb1707e092e4abfcdbbe46dc883d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d799347d-02af-4fc9-a56f-582fed62d461",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.SHA256 = 'ac083058a2fee2e716c7b373528707edb9a9a9e194201c8d5f74c363b1383d4a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58ea79db-b261-4528-9b7a-a62d85e27f84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.68' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a201d17-337b-4f7f-a0e6-2ef71d23da34",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:name = 'CN=maybebaybe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d3ad1857-f39b-4218-a6e7-8d29a5338c04",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:40:59.000Z",
"modified": "2020-10-29T17:40:59.000Z",
"pattern": "[file:hashes.MD5 = '48003b6b638dc7e79e75a581c58f2d77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:40:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2cf3029e-255f-43ff-9c0c-6fda843404b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'a0c9f25e1c9a6963118eea8f49fa65eacfb93973']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17130833-f0d7-4fdf-8c61-b4faa58a9d61",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = 'd3ab1f3333a7567cde89eb9436960c84f9bbc09722f81ef0e5d28f20e659a7bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34ef788b-0327-4a40-9cc5-5b4c51369047",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.69' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--14bc5943-41e8-42c8-832f-fb83a0030ef6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=saynoforbubble.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c36a15d-1621-4d38-b6a6-ebd23ca29553",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '5c75a6bbb7454a04b9ea26aa80dfbcba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--594b00d4-c5b3-4086-a686-ec30ed2a1bb7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'd9cc74b3dba2703f75a215eb865a4e6e495ced06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--916bfab6-a92b-45b2-a5bd-f16a66ba6214",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = 'a7d14ac933639fe20d7b93df84f1292aa7492387e17260d72d6769c084235c08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3a34a18e-56c6-4a81-9d2e-50855ccffa64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.73' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4bbed2dd-27bb-4ccb-a5bd-6b9a842f2e5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=chekingking.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6669c0fc-7399-4baa-ad90-34708b0879c9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'e391c997b757424d8b2399cba4733a60']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--abad086f-7325-435f-aa41-6a88129b3e22",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'b374522b6396b1f568457d369e9d8e304ac036a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb2e642d-5444-4959-890f-37e4c80be6d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = 'e509385983e26519aaa400f7b06179c54b6917e3664c9ebfdb56bc01a70ab868']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3751124b-7bc7-4838-9851-bf78f022ffc2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.77' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f291207-3c62-4e7c-86e6-556d6edc099f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=wondergodst.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f11c69c-e5af-44d2-9d46-044287d446f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '035697cac0ee92bb4d743470206bfe9a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83536038-c83f-4051-9ca8-ee3567162879",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '1cd42195ad924216fcce3863e026f4a87b4aaee2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ad09fb43-3c66-44f8-b672-437949d266c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '9bbb72518c024edc55b270fe0816db1f0fd86191cc878f7be9486c2e66cc03c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bddb87b0-441d-4686-9231-ef41f3b40949",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.78' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3f00db76-6c96-4a6b-9993-bae585317444",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=zetrexx.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--078ca1d3-de14-4396-91b8-085498866d05",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'fc133bed713608f78f9f112ed7498f32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed4b8afa-556a-4046-98bc-912372d56f63",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '87dd4a608135596ecaffcfb96f1a8a4aed026119']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9088f1af-33be-4deb-8200-e85aca01fa55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = 'da5061433685ad7ac4ea986a82209010a6b2dae8566df43f015361e8f275a5a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da7a6336-01a8-45f9-93a4-6429089fd567",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.244.38' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4f1775b-fc7c-43ed-9c44-ed84c191d861",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=mountasd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c853633b-8979-4117-bfef-d1d0c419f676",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '8ead6021e2a5b9191577c115d4e68911']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09dca847-1743-40ca-9578-ae6e16f1de6e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'ed7e2bc094deda6faebae2277511c9d9d54d4c88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--02bd54f6-4483-4ca6-8f66-1b9258569914",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '1281fe55f97251df0420819582afebf63b4f080ab99a4a9e0242b0deb2d9d117']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df5cc112-220b-4590-97f0-4c91b5108878",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.173.58.184' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5816bc97-9eb2-4043-9fd6-0e13d909e798",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=pudgeee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71d4a1b7-0b14-4513-80f9-da2363060bd0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '1c9949d20441df2df09d13778b751b65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f24181fc-9a9d-4929-ae05-5cdfff6a0506",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'c7b0f4ffcce520791736473e6261d6a72eb1d304']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--074f4ca9-f3f6-45b9-baf3-e80f10e19049",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '7f282468dedb29a3dddca65a717425bfe923e5de747c2814f8af82850945841d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38120356-e54e-4e44-8d7b-a6b1606ff57b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.109' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0481b9f7-17c8-41c4-a73f-11beac10d856",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=loockfinderrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e6a5323e-6a4d-40ff-b7d8-c0f2cb91801a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'c0ddfc954aa007885b467f8c4f70ad75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--094865d0-79b5-42fc-a48d-4a079124b039",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '75605cf169d66ec948340774e50d5f5ea13900c9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9105a326-b4e8-404a-8a8e-208b121ccd91",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '042ee6d0b7ac46062ccd59630045ca12855a747f016526bf4a34ebe901fb67bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d264264-99c3-48fc-a5e3-82536e063356",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.110' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d648437d-3d48-4c22-b29f-b99f58d5dc26",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=puckhunterrr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b36f0881-cbf7-4d03-aa34-0ce9f372166f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'ee63098506cb82fc71a4e85043d4763f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a6e7ba16-fe4c-4e99-ad2b-e1a4767b46ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '0fd6ce3d7e779135cd0dbb8351ddb79db8b5f8a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--374e5eff-8741-4abb-908f-3d7c60a6dc81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '6e4a38ebaea3e6cec375dac16a73e86fa7d69c3be506770f8ce65b11d98383dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--396af692-dd97-4164-9ace-2d3134c9270d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.114' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--82019aa0-49c8-4117-bd46-18a888cfeb8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=voiddas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f528873-a9d0-4822-90c0-7db6b4f77907",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '422b020be24b346da826172e4a2cf1c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7fce281c-b99b-4bd6-aedd-cc50f43a18e9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'f1c8c8a4c345abe865ea6ab7da51b686a2321689']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e68278fa-3d7b-4a85-bcf7-6e6957806f5f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '1c2118797e02f339eb68a2c68b85c307f6f4fc2601c62e7b39a2e5c5a0141922']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b6ff600-0d89-4f41-abbf-eda687f651d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.116' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5faeb05-85aa-4d95-8f26-a1b5025494de",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=sibalsakie.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9d0e77ea-8e8f-4fcf-8ea9-ea5d994823ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '8d8f046e963bcd008fe4bbed01bed4c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4817a2f1-d041-4ee9-88ce-b29331cc029f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '4a35689b505035a9318250ee82d9a36a5d4d2c2f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e08d4c90-c83f-4c03-9612-53dcaa75ae43",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '2acf1e46099656de27c404930fa366f608f635b8a3c5d492a6192b7ef38d6893']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d347eb03-58ec-4f76-8eb4-11545fecc383",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.117' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4f07a21-26a5-4d0f-9d41-6f400fe35f6e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=rapirasa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69dfe4a0-15fc-4e24-b872-f2736dfeca69",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'c381fb63e9cb6b0fc59dfaf6e8c40af3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec7535e5-e5d0-4853-9ba8-2c3a8e2ff1e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = 'f763022f12ddb4fd218226612d3a02c7dc2fc959']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--deee1be5-93fc-476e-82c8-4bca3afd862e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '5ea854e96401acb31810be8969eb6aebc2d68dcfc0c4a2d1a954bfda0a9620f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4553cd7-1c33-4905-8434-abba42d5c384",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.118' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bcab3f17-47db-4396-8576-97474ccef51e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=raidbossa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--73eb3a4b-6564-4c65-9313-6ed7ae14ed3f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = 'add6b742d0f992d56bede79888eef413']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58a481b2-7a4f-4700-aefa-3e19917e7fcc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '24aced0224bf620f5c501409a30bf350e6bb0d35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca378a48-0034-4f20-bac0-f5eb34b106ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA256 = '2f19e28869c1794fe45fc635c229f427db0ab1b8cf9f16624f2c512c99d084be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e99246f6-2e78-4695-ae86-659f2a48431e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.119' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf9e5427-d1a4-4e11-8306-3073094b5101",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:name = 'CN=lindasak.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7856838f-d0e2-4f5c-9dcb-22b1f139f5e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.MD5 = '9bbd073033e34bfd80f658f0264f6fae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7561fbc3-b13d-4fa7-806d-3a14a23845a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:00.000Z",
"modified": "2020-10-29T17:41:00.000Z",
"pattern": "[file:hashes.SHA1 = '38248f4c139c162018b5a64cbd98084436808549']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--423d1e97-8663-4cd2-9afc-765f0c26d025",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'c92bfcf1e8f8e82d74ce33163a1160c1d3bca5cd9c9a99516735d4aad6cfa25e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2eed8679-8fc2-41f4-a5f3-62e312687fb0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.121' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b994693-ebb0-494b-b705-069459319aa1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=bithunterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec22f7c7-2f8c-4ba7-aed6-cec3a2e59b78",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '9afef617897e7089f59c19096b8436c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--43abee99-b5d8-49f5-99a5-5adc6b5ac1d1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '5ff484b5af4bdba94ff7dd9cec25857039514770']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9d644de9-e56b-4798-8564-9db5495fbc70",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'f802c6617afba516a0bc125b73449485e83aa926ac9fdaa42877d9ee2547955f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1716fb63-98f8-4f81-9e70-8354f62f4318",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.120' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55dc07f8-34b5-4d3c-82b6-62998c61f449",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=giveasees.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--659dafde-8390-4b76-893d-ea2e655d331e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '3f366e5f804515ff982c151a84f6a562']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f9f2a7e-a1f6-40f0-8e1d-983969f0a0cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '9f3b1f1a0cbdd54d55e7b6b0bfde39e2aac5f5a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ff2ad249-88ae-417e-b78c-cad68122c770",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '36c41b0a3bf491e5d4e5278a4487f303c90ffaf6925d7a981e48f14fca09b60f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--19cc65e9-5c7a-423b-94c9-587ae68c45ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.107' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cf57bac3-8437-4892-8723-6b5291f142bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=shabihere.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--346af9de-fb47-4afc-a53b-5cd6096a2d17",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = 'c2f99054e0b42363be915237cb4c950b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2fc60d7d-326b-46a6-a600-f2d9900d3bba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = 'd3b80a6b3c045ec6662c5f39b01fa9dd7cd4d603']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c5183af6-b043-46cd-bc5f-392b4bbfda3c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '96cc2b6ba1cb8c6dee3d27d8b2e4a9ac81d05c2068f8a357b9225b6227068950']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4dc6696f-9f55-4837-9944-405eddb6ceed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.125' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--473016f8-1dae-4891-9c27-524f3e026f1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=tarhungangster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3524d0ca-32b9-4cac-ba24-5ed8a89e28d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '4ac8ac12f1763277e35da08d8b9ea394']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf76ee6b-79e6-4d5c-9d7c-27a5f9661e8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '14ed7ae76a621f6aaf5110ab747857670f440783']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--715defbb-81bf-4cae-870f-251d9787b0db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '4e3259151e9d03f81c8364a62ac804d7fe62b905fae04fc52ad9e696d9d5421c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--651c3e9c-f885-431a-a976-abdac17ec305",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.126' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa864cc6-84c7-4172-9dbc-65e745543f7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=imagodd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eace9a4c-6187-46d4-bc09-6ff98619e625",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '7080547306dceb90d809cb9866ed033c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f30e0ac8-6d4a-4d20-a0e0-80cca57ea302",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = 'efae6b58763a9d58d884d6ee9232eff55d4e302a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ce7a2ec-7dc2-4453-be08-74ee4fdedb85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'b37e2c3d5f8e8c3e794c393a776d756c4af53134d4dd8c0fa1beb7def345b72e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--081b1df1-63f1-4dd7-9b1b-b56fda01d7aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.127' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f01661a4-d293-4a07-b47f-765403708cf0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=raaidboss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--204bf892-a89e-4fd8-be71-47454ccebeb5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '03037dff61500d52a37efd4b4f520518']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--453403e6-dec8-4509-bcb8-d9bd337e5767",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '1a646c21146b9104e8e7e178b4ef147961ef59f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d63e63d-2004-4522-99ec-97c49d4abdeb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'ca7cd832286322c4de026cc26a4c2b465c08f94415145f7eecb7e9b7338e1370']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d822b308-d00e-4a17-badd-15b12543640c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.128' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b64988fe-d0ed-4aa8-bdcd-d303b62a8f9e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=sunofgodd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--991128d8-98b3-4d53-9235-388caeea47b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '959bed7a2662d7274b303f3b120fddea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e7c3c49c-e35d-47cf-b9a9-05546b4d70d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = 'b1f5a40ef9aa7180101b2e05af43871df777f840']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d37df7aa-34c3-4556-90d5-518517f6a03b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'bdd26225c1268a7bfa274fea43df895308d3c8c8b67e6e5f602577a4035bb5c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a176844-25b5-45f3-b33e-71d7d007a46e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.244.126' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--73add41b-cdc4-4f4c-bb8a-bc8d96820003",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=hungrrybaby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d2f9e5b-e330-4fe8-acc8-029a407f0cfe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '1d28556cc80df9627c20316358b625d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cfdd50f4-b2c8-417b-b94d-630e8c20c6eb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '12aebbd99d54286c77ceb2256546b50c2256110f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c455b52-f9cb-42b0-a889-27a7c5387530",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '81a840fb6ddec8875e4e3049af252dadda5962c476d8f8138af93796f9441c6b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23735464-e737-41cb-9ee4-3e7e0016163f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.244.170' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb5dd8bf-ccb0-46c3-ba7e-9a4a4477ed7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=loxliver.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f290572d-ed9d-4bef-969b-d23615919a1d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '85e65803443046f921b9a0a9b8cc277c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f78188cd-db76-4496-b9e9-fd62b29fcd93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '1e469db70c11e4df8084609f3793ab04389e6e05']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e686e9ec-4fc1-4a16-af71-03658e39e680",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '7b988f9b38a6c581fe1e36599f2dcaa40ec2706e1718dacce64032b9d25740db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e9fa37d-53a7-46da-a3f0-e7735b5c59cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.246.154' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44df2d3c-0933-4135-b3b8-06cb457dfdbb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=servicegungster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f34398d9-1ee3-4ccc-a384-79bb1021ec90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '9df6ba82461aa0594ead03993c0e4c42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--65b486c3-e2d8-4e3e-9db3-e7ddc2b97f09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '8b3683e97066f0cf2d36eab3f51f4834f1c55b57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8330264-7dc6-4626-ab7b-af151fd09864",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '28525ab38298c517f505adc83084672d2bb6050f4943c0f73594eace7630cd08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--31751d1d-b3c4-497b-82ec-467c1acaf539",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.113' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eaaa620f-3d0b-43e4-968a-4bf3e26af0b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=qascker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8d204451-724c-4aba-bb11-a7dae13fc152",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '18aadee1b82482c3cd5ebe32f3628f3f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a75ec48b-6cbd-4dac-baf0-9d1e0d6eafc4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '8d493f4d4162073fd13faee3c1f5f27f6f6ed401']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcc62b2a-1029-4691-be31-8ca062fd7117",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = 'a5458466789d90b4a4c95dc4765e357fe71d1815fbbc04b4f5aea7fecf320d61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9353295a-0d35-43d6-99bc-69aec5fac20c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.79.122' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2dd90747-4d56-452b-8cbf-1171d2b5aad5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=cheapshhot.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--666ba981-fa78-4251-ad5f-d74b062fc859",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '94bc44bd438d2e290516d111782badde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b313f50-fb51-42dd-82af-29a0be25f0f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '1ac482a024ba540715ebbad9e7227c2b3a2b5088']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a12b651-7882-4e92-96fb-e76921172edf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '56d240302f4b28a81026650120840ba3643dffff2ca573d4c565e6a36ef0f035']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cfa6413a-8819-4c2f-bfda-5b5423410a33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.94' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90c0c67f-dabe-4101-b9a6-a169b1480cce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=havemosts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c8f26b6-d746-4d33-a10e-471507effc54",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = 'f0ede92cb0899a9810a67d716cdbebe2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5eb51362-d855-45fd-8318-03eb88d940b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '2da9c240a576d7759acdf32e2439bd796c4fbcf4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f1ed871-98b4-4bb4-9841-99b709729026",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '6806dbda2c27cee9a9985bfbfd3d4be798c60c7c91295603d404d140fa94f97b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--101715d9-c626-4b74-b86c-b2e6610c4d46",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.133' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--232bee2f-44d6-4360-9845-c4fdca9ff9d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=mixunderax.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac215c5a-0d02-4417-a7e2-362e246ea86d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = 'e0f9efedd11d22a5a08ffb9c4c2cbb5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--563c40d7-0243-4126-9239-9a94fd5a3b92",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA1 = '98d52f82bb0d70bb87b1c139ccba51496f887d25']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dce4ec6c-6c27-401e-b36c-6eb476727524",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.SHA256 = '18ecb205501b4e0d80cbc0cbb862be8d1e6eed49a7f0eba1862ab30f1fbf2940']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--53c5eb1d-77d0-445e-9cec-b36a463399ab",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.135' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--db10e884-4af3-4c35-918b-240d5d779c51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:name = 'CN=bugsbunnyy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--15f88af0-84f5-4073-bdea-f6a29b07bc8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:01.000Z",
"modified": "2020-10-29T17:41:01.000Z",
"pattern": "[file:hashes.MD5 = '4aa2acabeb3ff38e39ed1d840124f108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de7e8750-89ea-45f4-aae9-fe213eacad5a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'ddce9c2b6dd06b94f6188e63b259026f880df88f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2bf845f6-35f3-40ad-8067-98fbddf1ee2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = 'de0a60f67fa05ff0885fc23e6814618f9632837ea30e14f9eb2db3b512e6533c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c40c1146-e62d-472a-9a3c-f28bd39836ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.72.202' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd125b41-a433-4666-be4a-a5fc58400777",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=sweetmonsterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0121496-01ed-4c90-a827-7d7b35a812e8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = 'c04034b78012cca7dcc4a0fb5d7bb551']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12c8056e-610a-4d47-8666-a9558bc3236e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '43909ed10169d23fb94549e0a9eb46ff987c8651']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60e3e725-a65e-49cd-a610-291f9a436457",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = 'fc9804f6d67f9a7259d99e08fa119faee843fba57b081bda1eb1140ecb5a025b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--78371961-fcf3-4bb2-ba3e-10e579852978",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.175.153' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80abe23a-84fe-4d74-8575-21f21c7e3c16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=zhameharden.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2d42ac0d-4a37-4dd0-9770-905fd6dc489c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '2670bf08c43d995c74b4b83383af6a69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1e546e3a-9a3b-4d44-8138-07c29463c0e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '97ebe2d432bb5be91298f78187548fa7874ef114']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0c07d30-5645-4495-9c54-9c2d4e996058",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = 'a6ee5c5609f2b24680d34ccdffcbfd7f19427310a56acebf3ee544ef4b39f41c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a827bfa-4c3a-421d-991b-c5d51a5190d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.245.71' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--86ccd931-1620-4660-b5b6-dc8ca36c9ddd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=serviceboosterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--667c1b81-2fc4-4c7f-a63e-d66df83f6818",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '127cc347b711610c3bcee434eb8bf822']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fbea045-a8cf-4a36-bd51-6ca90e344123",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '6af76b92e0e0db69d1024bb66eaa9bc9c5c7947e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30e6ea20-95a6-4a2d-88b8-6caad185973f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '7f7dbb5bc8f71aaa72668b0c10e19564cbb4923fda9cadffa6face516fb6118e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--28187ddf-21ae-455d-bf2a-3d2fe4ee24c1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.252.246.144' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d39d042a-112a-41c5-80ba-817726d07e5d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=servicewikii.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1bfd63d-7aa9-43fc-a8f4-54d336bed3a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = 'b3e7ab478ffb0213017d57a88e7b2e3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d33df106-a467-4d77-b3ec-317b991f21a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '34520ae25df006350a174c287e0d4b179fb148b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b99b4908-9f61-479b-a35f-efeb8242bd0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = 'e4377215cf961dd74837d755ac315912c2c820cf5eceff2891138bf61b315a68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bc088d81-c1e5-421a-b531-62e91d9fcdf1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.149' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d058681-599e-41f0-bcec-e1368fab21b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=sobcase.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--931a7243-1929-42d0-9b29-df6e380e9ce2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '188f603570e7fa81b92906af7af177dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cfb8fe87-bfb9-46fb-a781-b2175b79aeb1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'aeb22ee63fbf416a0a9bf6d855dde5a16a72f88f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--520a0a16-b44d-4750-a7d1-ab941604554c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '6447cab0fcd91a9087c2d60cc6d3b2b4f0f4d5e9418d7c6f4ec375d5f3b396d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--025f5a22-f099-43a5-bc92-1fcde0856cdc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.144' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--93b8e4c8-e232-4caa-88d9-f07241933d58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=unlockwsa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a70f787-fd3f-4450-917a-921a436f13fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '22d7f35e624b7bcee7bb78ee85a7945c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c211bfc-260f-493d-ad46-5f99e745a6e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '6bfb6904e052823fe00944f61532c15a0f1a35b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a9956620-4c2c-4f3e-9463-e7de943e709e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = 'aefdb31f6f03ad285ac53f0ef3abb6954f8dd866699f9442466e11e36849b2e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--29cb7525-70e3-4ea4-ae3d-8715617086b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.139' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e02b77a3-f9bf-460e-bae2-0036ac99b46f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=serviceupdatter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0cb10b1-1cb8-450e-8f42-e2b53d18a602",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '12c6e173fa3cc11cc6b09b01c5f71b0c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d758e0ca-578c-4080-b412-bf8c4d7265d1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'fe561834be5dea2eb7b8047569187f0b43e02f9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--33779627-a9bd-45b3-af49-c4786b0dd249",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '8de5d415a3dad09bf3acce487b3395bdebc033bfd0cb7093dd22222b42ce8b72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fdd814fe-b941-4f96-b12b-f81288a1b9e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.174.133' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f4a7731-40bb-4e5c-a605-5fe897a962bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=service-boosterr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--559306d0-8bbe-45ed-91ed-97c94f062ba1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '28435684c76eb5f1c4b48b6bbc4b22af']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0bbabe30-a13f-4eeb-aca7-180263a73d7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'ad2bd386a7512001f552e4b28986cf6a6293b94a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d231608f-a3f2-4ff8-bc99-1e8bccceb430",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '88f35280b7f17f156c331a92d7e608091908cea906b01a0ceba04f91302dac40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d7e2f2de-d3be-4fd8-817e-e80686513725",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.175.214' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d1519426-da7a-4649-bbfb-f12074cf7e5d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=dotmaingame.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eab394df-c70b-481a-a687-6e48d7a21729",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '9c2d64cf4e8e58ef86d16e9f77873327']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e5b5aa67-b3d9-4c75-b400-52bd1fe70fdb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'a591832fb7bba5b787fd23f65b6ba4bdb1ba0beb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d2b0d30-9ad1-4c4e-b52e-5e1c26baf9e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '73275525d6cca5594d266a1be3c74fea4d2ff2e904092ba14b0ee368706d15cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e1424895-44d3-436a-a4ea-70857fae375c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.72.200' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--94e129e6-a1a9-44f3-a24e-ccd1efb7b0cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=wodemayaa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57b868b6-b386-4b11-b22c-1081f1fdff16",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = 'f6f484baf1331abf55d06720de827190']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e3c3fb90-3dde-4eac-9559-6b9f4dc67746",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '64816461d107afab763789d635bb9b2a507004a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d39d3e6c-436e-4a60-aad9-74101a108c58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '6206e07df0d926b544a50b88f2b723e10b267eff04cfcb4976426c15ec1f5a58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98edfbbe-4652-4691-85ee-d2259dc5d05b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.79.10' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e46d5a41-13be-431f-a5d8-f6a7df0375cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=hybriqdjs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--832aafce-76c4-46a8-b53d-1b6f77e5d1a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = 'd8eacda158594331aec3ad5e42656e35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a333f2d-e86b-4276-8458-8012b339bec2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = '698adc9d76033dd8d67043076fc1e2c6775c7483']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a528a32e-fbb9-450d-9f54-27cb8b768107",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '6f71b53a68558751400af357b7abe50adc12d4e6cab41c5d929b71059e02dfac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f7331170-da7c-4c3a-9786-cf12b4758881",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.79.12' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cfa1786e-82d0-4458-b699-e016124d92ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=gunsdrag.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--64e55761-de06-4d51-9743-3554247bc1f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.MD5 = '29032dd12ea17fc37ffff1ee94cc5ba8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2151919-a80b-474b-8c7a-85e2f746a08d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA1 = 'b618ac106c2e3c419fe06383f8db441e1eacb7a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec4357c1-7861-4638-939c-aa33338fc838",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:hashes.SHA256 = '6cf10b3123c11e21859dffdc123cd0f1c307b95dd1c60cbcc50e0f68fa39ca78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c1d32eca-f002-4fb1-80e8-52c5a90f6144",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.79.121' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--663e3c6d-9934-4d10-8fd5-f6ecddeece05",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:02.000Z",
"modified": "2020-10-29T17:41:02.000Z",
"pattern": "[file:name = 'CN=gungameon.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ff43d5e-3bfa-4470-9cd3-9d0c401b0607",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'eaf32b1c2e31e4e7b6d5c3e6ed6bff3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cd709162-817c-4ed1-aeca-c83ae8e8fd38",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '03e0687898cb57961c1d41189078d03217e256ac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60680557-853b-4b45-bb62-d3469d75e1e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '7de1284a9be8f2f1325299793fc69ad789fdd371dcb80e60d83d8c814ad50d11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--793fc384-8ea0-4908-9e1a-9c1795c29115",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.174' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6edf6335-57a1-45d1-82df-bbc722fe58cd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=quwasd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6674dc55-11e2-47e8-b618-6b92cac35b2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '442680006c191692fcc3df64ec60d8fa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01f134ff-93a6-4dd1-9d47-46e625abf86c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '36d568f9be2a34e1763d8978e5624dfcae0297ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--40b84471-a00d-4df3-8964-2733b8933c19",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '2e4e93621b9764c2b909945b8264ec05b891f6dbe307fe2006f06d340598af3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed5ad7cb-661f-4d61-9ab4-80c297897393",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.172' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f81b80b-c8b5-4c8a-ab20-591e3183b0d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=remotessa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--61b0b444-6db4-456d-bde3-603499b0845b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '0593cbf6b3a3736a17cd64170e02a78d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe37311d-9d49-48e7-ba13-877e35e4f79f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = 'e05c9d8da4609a7d8ce53f41c2e823b3b0094302']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--678d51a4-3762-4c71-84f4-2672199284e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '2cb978669ed68235ddab4652450fdf542ec22814907ce402cfa22111c3fbd492']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4459df64-34ea-4f8a-bf6b-b1b99186667f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.167' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--550f9a96-da90-4818-a434-283d73cb4d93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=secondlivve.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--444d1992-bf21-4c47-bc82-a95588e60b5d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '38df81824bd8cded4a8fa7ad9e4d1f67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--66a91d3f-c8f3-4c27-a906-74520bf768d3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = 'b7639e6b87924d40aff0757ab549a85beb285dd0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05e52def-b366-4197-8598-470cfdef08f4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = 'd7d1829b73982a6a5f08527a061a81119db1e8addf36f88753038af2c44beedd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--805256df-acb9-40ee-a2d6-62cd59be403a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.2.64.182' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f50776ed-df1e-4fb9-bbe9-da708ee0b367",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=luckyhunterrs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bb77aca1-57ba-4554-a7d9-c02113a86848",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '99dbe71ca7b9d4a1d9f722c733b3f405']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a78d3912-f892-434e-bb04-f5c8e20badd4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '4c19c288d9813c02e9f6b15e623e340f35954303']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9e50b8d3-955f-4951-9760-c88c20702b92",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '99389dfbebf0e923ac0546e646be703fcd19a03a6425be7c60fd8a69ff9933a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6821bca8-87a6-4416-83bf-e8d2a36839f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.97' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b4eb713f-4ee7-4fd1-a44a-21a8832b5827",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=servicesupdater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--768cb876-c400-4ac0-88a7-8c604ad72cf9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '7d7199ffa40c50b6e5b025b8cb2661b2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4b77aa0a-33fe-46e8-973b-0590c964d75c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = 'b0bed02bc27674ce57b489ccd13ffad341afc844']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd2707fc-6913-4ef6-aa60-1bbd9edf8f47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '5d8439709508c63cd40d92a136e875d163d7a74f0d9bca5e576377b1f6d48492']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7c8d94be-76d8-4cc4-b338-74e28ec2fbb7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.119.171.96' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5994f579-8694-45c4-a294-b58fe80ac1ac",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=servicemount.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27e7ba1a-4ea5-4ad4-80f3-3a25e0bd06b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'f433d25a0dad0def0510cd9f95886fdb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eba5f8c4-7e80-466b-8de9-9c352d6739a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '8c6d0ab3f99997ee0bf7e6d9b2cb120508bd1799']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8dcb8ad8-786f-4581-950c-f2806a2c6b64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '38b66ff18a5398257a6b755ba5f526f35a359d99b43ab49dfcf74dc8e1db766d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b23ffdfd-6974-42f5-8508-17e4283a4fd7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.9.209.217' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb499764-a7fb-48c2-896a-ea28decb87f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=fastbloodhunter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd9f489d-127d-480d-a30f-3f7235c65487",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'e84c7aa593233250efac903c19f3f589']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed7889b2-5cfa-44c3-b210-1c4be9c775f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = 'f8d88c2d967938c0efaf05863d1ef12b6d3ff5f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0de3b2c9-f535-4b26-88fc-8e307c8d557b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '62c79edba47054f47a50f7b798592ab1868894d9e65a3bcfbaf6485f4a7c81a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1161d3ca-9e47-4ef8-9b18-8eb4a8de8870",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.38.132' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--11689be3-7298-4c4b-8351-b665b8617d68",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=kungfupandasa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d679d15-0ecd-4b22-a75e-f01f239e2ee5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'e6e80f6eb5cbfc73cde40819007dcc53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a23420d-0f31-421a-8d79-2cd13cbfeec9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '80afd1bea19a98076f51864b1649d295ef020207']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d42c54ca-ce56-4434-8084-160986c9a052",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '44ede733c69a20e525da028d34c0d9f9473c89b03d7c2b9fad26be852303c53a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7da3c695-697b-433a-b0bc-203d47ff5244",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.131' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f68b2b92-3aee-4e5f-a254-242496f659f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=bakcup-monster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b21f3008-ae7f-4902-9a57-6cbc0a24e764",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '4fdeab3dad077589d52684d35a9ea4ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb736483-f6e8-4681-8c13-76a380f984c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '2d9fb5761f3c2a369e1b65250b3b6230d91b8547']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--16ba4692-c233-4342-82d5-1f229dd79dd9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = 'e669b3f2a00ea72d4c906992eaaca3b783d23f0e26331fae6560f63ecbc61862']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51faf74d-e069-43fb-8c3f-395e339fe27c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.229.92' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57fe0a24-c828-49b9-9ea8-6baa6a4244db",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=bakcup-checker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c10771a-832f-4350-bfb8-2e4962bdacf8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'b70cdb49b26e6e9ba7d0c42d5f3ed3cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--11a9b038-021d-456c-9116-e35391361bb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = 'ac09ea878a88f06cf078e9d3a132ef88f63c4b09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--16642aa3-ceec-4052-92b4-262d87a58b8f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = 'e7ed522920c8936004be2ca95165806166e16261c9da7065fb39958d80520e15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f58ee338-6577-44d8-b8fd-98aec4709acf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.229.68' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df7b626b-e544-498f-8853-1dfc285e30da",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=backup-simple.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--45b24f50-9640-4124-a2e1-69e844bdfd21",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '57024c1fe5c4acaf30434ba1f58f9144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d43e4eb8-db39-4aa8-80c1-0173aafda6d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '565aa00a706366498c9af1a211c5e9f52effe678']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2cdfd44-c0c7-4529-8faa-bbb4f3c491f4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = 'fa11ed80a804a669bd0f854cfb0ff337825961793e5abc5b949215e0b23a0558']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f94b4117-de69-4ea9-adf2-cbadaeaf0f2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.229.52' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91e5ee30-b498-4531-a7e6-71aeaab14a39",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=backup-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d324a5b3-a3e9-4786-bc0f-13b55c8f5587",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = 'ec5496048f1962494d239d377e53db0c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52e91e2c-e944-4539-88bd-c358c4f03a28",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '7b6bd2c94ef805fee0d6a6f417e6b88b92bb1012']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5c088a0-ad0d-436e-a92d-22deee1fde0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = 'c232fc65c77c94f6af478f330ed9f98faa7842fa9ce4e82be0f1b71cc5e0720c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e53e2ade-4a97-4548-bdf2-4bae3dac3339",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.229.44' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--211e31d1-8b79-4c19-bca9-9ba1fdcf8542",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=backup-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--623c7b2e-65d0-4198-99c2-acdfdc0d9874",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.MD5 = '938593ac1c8bdb2c5256540d7c8476c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--139b93a6-778a-43aa-993b-49f1501cca87",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA1 = '65c5b0e792026eaca6fd998a4b00afba6654cced']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe97bbce-5f25-4f41-bfe1-3cbe4fc6a314",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:hashes.SHA256 = '654ddee8c55c6403f0d50270d453f4b6e0474fe74c96117e92284b7c806fea90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58bd644d-7194-477b-9869-3b69f0b99783",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.87' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47d9c81b-8e50-42e0-95e8-d203670f533f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:03.000Z",
"modified": "2020-10-29T17:41:03.000Z",
"pattern": "[file:name = 'CN=nasmastrservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--46f354af-ef38-481b-a012-ea02daa38a36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'cced46e0a9b6c382a97607beb95f68ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90e80484-ffd2-41e1-a714-af55bd8f72ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'ff8f86c05021e1d2916f197b41d306714ede841e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc34e69a-35a2-4dc1-a362-416b919fa1e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'f30f070f597bae9f9dee6e29e43ba2338a76c474da7df418b091b246d555f5cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0454d2fc-d7fc-47ad-b003-104ecf362a60",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.159' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a6a9e0ca-eecc-4ef5-bdd1-70aa0bb23797",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=service-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--813d655d-2f68-463d-8db2-aeda7ea2795f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'e912980fc8e9ec1e570e209ebb163f65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4d59a0a3-fd1e-45c1-b180-eeb976d36128",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'd4540e2ac36c9b9e8626b9355dbbf91883d785f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1f3e1045-6c03-44fd-ab75-3d22eda1fc84",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'a2be61e19be5e288891f6c12c509873adb67beb44fb6f2ad5f81c489b7d346cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7deab300-5889-44d4-b620-430d601567cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.141' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--afe60a98-4a2a-4207-8970-af078d50b75f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=service-checker.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c643159-f961-44c7-8bbf-14a56d759948",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '39d7160ce331a157d3ecb2a9f8a66f12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--685f83db-0664-4dd1-a602-f878e18194d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'e3af9548f3a4bccb879ab864983b0e2d8097c353']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cdbd3d20-0679-4611-88de-bf91124e2b0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '50727d5e12b31d35a5fbdb40df7dffdda2ace9d17d6b951107be493a5ceb2da5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41031aea-16de-48b3-8c5c-1f50dc642e1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.140' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d2af61e-9fa2-4050-8b1f-eac471b1cf76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=nas-simple-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--929e40b1-189a-48b6-8c67-e836d69f0d51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'd9ca73fe10d52eef6952325d102f0138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d70b840-9c70-4e75-9fdb-9ea40ed05272",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '035b77b955c237cbfb594599e8f8865bce869c04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a3e75f42-94a3-4b95-973a-d35a629bdd09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '9794cb52b8514493dabab57be55e147d0db63cbcd3726c730548a12bb64d6714']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d473ad5-15a0-4fea-adb6-66da7578a996",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.133' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0e1e9fb7-c770-4de0-b2c0-778adbcc9c8b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=nas-leader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8071f7cc-8b24-4e2c-b0bd-7a91e8c800a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '920d04330a165882c8076c07b00e1d93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--621bab0a-96bb-4c5d-a75a-dd35f8d930e1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'aa03e0ec47c6717563ac7ea45f9cbc0a424408d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fb279df-a515-42cc-a983-cf085d3d5c64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '94599b273e38f7230040058576433d35a06e057911afb03d6d95d7ef930bc467']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a52d5a50-846b-45f5-91bb-e2b384e0fd12",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.230.132' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a8a8510c-702f-490c-8c8a-0fc9d2c2b9a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=boost-servicess.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ef05e4b-25c8-4b9d-8922-cdbcdf1fbacb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '771463611a43ee35a0ce0631ef244dee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9873e412-a2a0-4816-9e37-a90e7fe5fcea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '5d25382d406638de66b8abeb072d1307dd98ee68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca4d2f60-91e8-443a-bc6e-2627ff23388c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '4658adb012b0c05a46f2edb90dca32b458d19d54b73e6b3c9bed0419d1ebde47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e08713f-eb38-42f3-a3bd-67da99181af6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.229.180' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47d2b586-c5f7-4c25-b099-79f90f61643c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=elephantdrrive.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4f48e4d-6ba4-4bb0-8308-df32c5afbb37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '1e4a794da7d3c6d0677f7169fbe3b526']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb3a4788-6618-4370-9940-6b0371e676bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '4603dbbe68be8fd4f06abd99d429076ce2c98130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--869cdf27-8d7a-42c0-a98a-4eecec2189ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '623b157e68f9a66db8b5419e2f23428ee69b03a887832e8cac7969b4d256d844']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--adf03e03-9e26-4b8f-87f5-462d7f6e77f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '9c7fe10135f6ad96ded28fac51b79dfd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--305681b7-1593-4cce-b6c1-956b09f958a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '1defc2d0c521ce8fb2bef02bed7b8cd07f592474']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d52f96a5-03a7-44d2-8dfa-619e6b12cb19",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'e5967281faea70483ace0161c86f8d92478910644f0815d4112bfa90ee6ee0bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3bb6b21-1b96-4d6f-b38d-1fe6240e8442",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'a78c0e2920e421667ae734d923dd5ca6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--731a9ba4-2b4a-4e59-825f-2911ca9e4eba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '0122ff19ef0c200e2f1603f691b0cb8cbff088db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--63d9e819-3b93-44a5-8586-e84e5ad4e803",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '1b61d74f07ff9ccd33df2b5766ec50d77a0b30210735e78760c895a344bd7e23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--52c74372-adca-4dd2-896a-2b84038305c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.138.172.95' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ac96ab98-6f8d-4f8a-b5f4-762e8df25f42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=service-hellper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f1822e5-5bd4-4e66-8a21-85ef764532a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'a0b2378ceae498f46401aadeb278fb31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4474ad30-50f4-4d45-8a51-5998c3c15024",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '06f9ea54ba622a035bb63a18222299d3d5f8ae2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d8c2ce5-be2b-41bc-84d6-91bf2aed1049",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '9e8428180ace243e73120bfd93de74e160fa5ce5631e6c9fd4e03f4a7a5eeab7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce6e827f-b74c-485c-ab5e-682410722989",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.119' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0081421f-0c69-4698-ac65-e2215221a186",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=top-backuphelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d0d161d3-6f52-4944-9a17-a43cab7019b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'e95bb7804e3add830496bd36664ed339']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--99c8fc4c-0ec2-44c2-b274-7df9679bea42",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'f51c4146472c292b1939b598c322a75668cfe786']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f8c3cf6-2ea4-44c1-83ef-600249d3b787",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'aadbf21768605e7370e480ce1aa9c90f6fd025cad63a116c079845e9570c8c7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3d7b6419-aa38-48df-9de1-c42874bb8a64",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.105' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--052a8642-bedd-4a68-a476-834f8a378483",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=best-nas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c508a6d-820b-4933-b3c5-7664dd523c03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '8d5dc95b3bd4d16a3434b991a09bf77e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--58202576-999c-4e08-a66e-ca9467307584",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '71a5634a6fdffea2dc8292288014a7ed1bcb14d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--664001c0-fcdb-4e7e-ada7-7f7a18cc7972",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'f66f5d1673e5df7dc74b91f3e63e6bc76c6bda3d0d7bf5764f92f773965dacc1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c73261cd-9b36-40bc-8287-5f8cf2df9815",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.114' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab2cf133-c668-4d6f-b9c5-4b6b46af071e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=top-backupservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--73079bfc-43b2-4537-a5c8-6801186612a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'd5de2f5d2ca29da1724735cdb8fbc63f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e02e77f-d4bb-490c-97af-9e74dc58602e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '2523b1c2d8564fed65cae16061a8d943babd68f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a9d4570-23d5-44a4-9a83-3add35e82b56",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '7c9afb57d287cfbab8af378bb20e633285449ecbc61e63e9dc7832023fab8668']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de815eca-692b-4413-8e34-6b2ed8180554",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.116' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--588feee7-3239-47da-9784-3eb05b890e49",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=bestservicehelper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bfdf020c-cb8f-43f0-805c-6908186914a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '9c7396ecd107ee8f8bf5521afabb0084']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--139c2fbe-6d07-411c-bcc6-d2d2a4fb8f7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '96c5bc5546a69891a7cd15de6ca08e47fae3e147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9a86735b-a173-4922-8bb8-24885c4d1d0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'a9f1ab8286af316313ab85f03edab36e65f64c881f615fc10a37fcb9f449f7cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--722ef40a-180a-412f-80be-70e9637a661f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '1134a6f276f4297a083fc2a605e24f70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4c277352-eef6-4e19-ba47-3b0c2129d526",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'eced1d24ad47b2ec4f8289cdcf2d2fb2d261ab99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb7ecadd-9371-4d57-a3e9-ccea587b782d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '265c9a2fcaf7c0d71cf5c6f0d60e3997527a9b72ae70465071a0ca429db3f661']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2cf9fd1f-16d2-4dfb-b4c4-8f9dfba14fa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '2150045f476508f89d9a322561b28ff9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bce62b-7e0c-4095-8391-feb345129b08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = 'c485f3e426c0bf825b6b4c5fdff4c63d654480a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--80513541-1b45-476d-b682-5f4963b4263f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = 'ab7edccb4b138f2123c3f3d678176d1bc71dfa542710d9da5b17534c4f3eab2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b58e4c05-e6ce-4b85-9536-803c1e82ac3f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = 'f4ddc4562e5001ac8fdf0b7de079b344']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c5f48c44-0303-441a-829a-23d4e3f0e5b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA1 = '16de49c36cadc539c421397477d04fb24b7f5a62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91018f68-ef2d-4136-9fc4-bd57281bb3a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.SHA256 = '97f3b5d51748df88be4f4e5ffacad5ea604dd3ed74f54821e2d629d600fcaaa3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--426bdded-810c-4b10-9d9f-56ad31d748d5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.118.138.137' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed7d60ac-b0da-4bd9-bc0c-109e0cd84ee1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:name = 'CN=top3-services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--074ca386-1168-4e23-bafb-1bc9efbec0e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:04.000Z",
"modified": "2020-10-29T17:41:04.000Z",
"pattern": "[file:hashes.MD5 = '75fb6789ec03961c869b52336fa4e085']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab89fafe-ca23-48c9-9961-38c174eba684",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'a653de6f532cba378bcbb4165cd76cd2ae4a79e3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48b6fc2e-b0a7-49e1-a11d-488cfac3fc45",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '1f796d6aef9100d63e0e2da0c730380f2c524f0befa4cb957942eb5be9b03300']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7fe5630a-629b-437a-bb3b-33ad45d7b32d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.118.138.115' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--486aca7d-ac21-4652-93f9-03a0c81055b9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=simple-backupbooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a081a9b0-d467-4ab1-8725-8e37a8b59d03",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '9f5e845091015b533b59fe5e8536a435']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--feddd7b3-40ac-4b06-b67c-4e9341ab59ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '1e62c973054518a75881dc36aad42fc60cc9be62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7293d7b9-dbdb-4036-be85-52c7fee10971",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'fcdf6099ec3c3775a78b3d1f6789bbaad8ee00896e07e8019cb2b4cd19710f33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f0e5e21-40aa-46e7-b900-67d9e69ef6b0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.177.235.53' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--94650e50-9b96-4450-94c2-bb26de0e6475",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=best-backup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1e8c3f16-fa58-4367-a5bb-717c4bcf77b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '4b78eaa4f2748df27ebf6655ea8a7fe9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f252d915-9a9e-4ec2-97b7-74210f4ee35b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '3c10031ed4ab6e61cc3fd5ef0357858fd5f40c45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d1a5d389-4af3-4e9e-b82e-beb22ef99166",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'e76c58979c426f7c66c95a205c1272f87ccd7b1761745b08edbfe6d8d195e4b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c46689e-6ca9-44ae-a3d9-9ea673d5b59c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.118.138.138' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48a2bb33-1526-44e5-9729-e74947c89adb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=topbackup-helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dda29bde-875d-4df8-8680-bf92ac3358c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = 'bcccda483753c82e62482c55bc743c16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a02d0951-857d-4c9c-a85b-b27afa1a326c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'e3962ee4bd9c1f7eaab284e09f00d2307890ebe6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4f903db3-1e9b-4ea8-8347-1d31e0630941",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'bb2ec3f66df61241a953484d0701477b46b876f4a4dc9eb94d8eab567406ecad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9baebdf-b8f1-48e2-a404-6fb716504d55",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.1' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3714cca2-bb06-468c-bd6c-e378c9c4838a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=backup1helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5adc2d2-3a10-4c5c-a09e-0c7c256cb346",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '672c66dd4bb62047bb836bd89d2e1a65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4547bd10-4f52-4041-97dc-3f9e74b31e8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '24cba6ef0db402fdcf94dc216b0b2a6d933e871f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e063315b-c74e-4691-a0eb-eb43b27bff7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'cfd1174ba0371c9703b6494fd04e6355acfaf73fca04b9b755aa745ce0d12bc0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d196404-c795-428b-884e-42f9c05a7a6d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.240' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ead7fd4b-462b-43a9-ac33-44d497382616",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=checktodrivers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1c65932-9b13-4ac7-81ca-430808b2b40c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '6825409698a326cc319ca40cd85a602e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e96b6509-4a80-4bc5-8d10-8f3a363f5ef9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'ac67f2b1b05abdf49f23980ea98cfd8c0f56b258']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--956c6821-f28b-4c6e-9f0b-ae9a38a79b58",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '39c98d118e2c2c350c2e2eb3300a5251c0b830a04bb71b37e485e6911b1450d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aee65842-ce85-4b31-b1ec-688f85f1ddb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.194' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--872c25e6-3cb9-4b9e-bf25-95f58e227965",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=driver1master.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c6fc4fc-9187-4f1b-9715-f2abdd57b208",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '7f9be0302da88e0d322e5701d52d4128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37cc168d-1788-455f-a8c1-7e17568a4fa6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '43ec2f1882b93adee3a54ce216ab72223cbb6a49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d8376f7a-b4da-4c5d-a3fb-962a96339881",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '6beafdc4a4e1c35195e1540f487888941f76f1214be2c793217523bb2cb39cd9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--90446a0d-a2d6-46e8-971a-62a6055b07f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.138' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a5c3d4e8-d8c0-494a-a144-77c7b37972a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=boost-yourservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9cdc7015-a55d-4334-8c32-c598a22ab438",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '2c6a0856d1a75b303337ac0807429e88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9660fc9f-e33f-44e3-94f3-22f04abe0666",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '499825372396aa5075e3d56c28bdf7049bb2343c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0a2f21f-7352-4ea1-838a-e606f7605d0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '35312294a5f9d42b3dd4d975ce0bb7bbf986ce84638d42f0270b0c26e564b68b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a52c45bd-c5eb-43ba-9d2d-84ba9ddd51c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.136' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27c74fb0-4aee-43b1-9252-133028a1345d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=backup1master.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0c64147b-9619-47d0-bca6-c90e5a6580fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '6559dbf8c47383b7b493500d7ed76f6a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--acbefccc-a528-4992-bb70-9e9b821c4ed7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'abaa76f2a65001fc0d965fc86e82a875015538b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a92a0da-0120-40fc-9332-d59ead20b69d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '20fa63aebac31cd6e505c4757f3c73ca97ff9b35a5d28c7264023aad03e19b93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--684f29c3-752c-4b24-ba77-512f39c8fb14",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.157' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--979484b6-b79d-4685-80cc-cdd261feff30",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=driver1updater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d549affc-71e5-48aa-b70f-7efbfa7275b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '7bd044e0a6689ef29ce23e3ccb0736a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--45a67e07-00aa-4f91-9fb9-da75fcc5c84d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '2d0a25a29c198728dbec4aff3955c5bd167169da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--204d52a7-4d7c-4006-9486-cbd2ee80e7e0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '939a72e9e0241a5c88793ad0be8a3aae8f953c1b4a02e4432f3d8646d6be986e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d89de36-14a5-4575-aa46-fc2ed48586a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.178' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be9f1ffb-ebec-4518-a10e-c4d39b08aec8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=service1updater.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4fd06f0-507b-4cb4-a847-a2f62b36b5e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '9859a8336d097bc30e6e5c7a8279f18e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b1ca6ad5-1621-459e-8bbd-56dc8cb35884",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'f98e21f2ca04f13adc55eedefdf900f1754088ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b44d768b-f18e-4863-bc1a-7bb691603ecb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'e87bdd2f0fa84bd5a93897076eabb896a538955a01366ca62d12e38f3aebfc21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--071d3271-d1e3-44c7-a225-5b65d58a6121",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.220' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b215cdda-6e59-45fc-a809-9f31885e2c85",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=driverdwl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9acee9b-73ce-4edc-b87d-dbfb868983e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '43fb2c153b59bf46cf6f67e0ddd6ef51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8303e380-a3e6-41a2-9a5c-3d8eb323d5c4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'c0ae10b3c7399c1fd5de4bebbeda6669830fd765']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70b269e6-7f30-4f3a-97dc-9ff6b280bc71",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'd9e9d42c64fb754d85800399e9a291f47451ec7a0d7bb1995b3c28e1ba9cfa8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd2bc81e-9e75-4368-94d0-f6a911df5646",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.240.222' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--810021c8-7eb2-421d-9350-a6f48a72c0ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=viewdrivers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1cd8c137-70a9-4348-9cdc-abfc35a38fda",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '22bafb30cc3adaa84fef747d589ab235']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71c61c1c-3dc2-4eeb-aaab-46d2c1073983",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '6c97fb036d52fc9ec2e19e492e605174609d4b1f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f92b9bdf-c6e8-4c91-9421-3c5e69aed1f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '0fe22c1303accd5a26eeb0ea38cd78094422bc0ace0551c475663e4eff76a619']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--788ae963-f7f0-4f37-b74d-ff477b5bccc7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.134' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1a4903b0-74a4-4823-976a-133ba9f07568",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=backups1helper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b87c2a0e-abaa-41c7-8c0c-bbcaacc74786",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = '31e87ba0c90bb38b986af297e4905e00']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3cb0f50f-ff4b-4018-985b-93b9267d8e14",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = '56acd9159f4d96f632d26b5af16efb72e79fb585']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5446a3b9-7d9d-4e88-a443-4c88c94033d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = 'f9b32b774b3985fca2c2f9fd6f0101146374d826b99294670dc9f4593d35ebf9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbf84a52-57e7-4110-82bc-9bd5af261b80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.138' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b272ad8-393f-4c34-a0cd-c1dab386dd8e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=driver1downloads.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d9d77028-6481-4b3b-88c0-b827912be67d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.MD5 = 'f8a14846b7da416b14303bced5a6418f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d755ef2d-818c-45ee-b562-2b590512c54c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA1 = 'e01884017c886a8608aa4fea7b1daf8662f0ac40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f522b81-e503-40c5-9007-ad3236921f7e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:hashes.SHA256 = '3b87be2164a5fe005097d87c4acb0ece1b658e46c2ef935c86f67706e23bca95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f7a7f21-7e96-4977-af40-d93e55a3f2bc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.146' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e539415b-f106-4a80-a7a1-69c3e4a2cdc0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:05.000Z",
"modified": "2020-10-29T17:41:05.000Z",
"pattern": "[file:name = 'CN=servicehel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0ed8a46-b2cc-4913-8603-d1416e3124c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '01abdaf870d859f9c1fd76f0b0328a2b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38d4d672-9247-4486-9e30-005a3fcf5c83",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '3edd7f727ce24ddadcc0012a702ead599c9099d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ce67d736-5284-4bba-bb2f-ba944d9de34f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '9db7cf85796ea75534deaff38fd39492addacdf120592ef689d7cd32963ea386']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ad4c824-c912-4ded-8ac2-8de044be5820",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.153' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f0ff5e0b-b91b-4457-be9a-d58ad59dbc52",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=service-hel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2d3d3a7-bea6-4764-8a8a-4cc76e978eb9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'c2eaf144e21f3aef5fe4b1502d318ba6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--006539e9-b7ff-4b2a-b532-434c54beab20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '67915ea68637b47e78953b1867523a2c0435d81d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--097a14f3-d53e-4bd5-a7c2-22e4890c01ac",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '0cf8e1c365491c78f5b17b22e695b79ebcd696ba0aa6aa4dbcaed75acccd59c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--615dd3fc-1b96-458e-a12c-37eb89913f37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.158' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da33c833-7ac9-4026-9c42-10f9f39d1f01",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=servicereader.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6dbe99e-e47c-46bf-84c2-0c0eb0abb5d4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'de54af391602f3deea19cd5e1e912316']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f110959e-280f-4745-a4d0-b0362515a6b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'd157e01e740f7b72dbe63d92c1e057553c898a13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d8d7c43-7326-4c80-9be4-bb9a18f3b9e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '8f882e7280ce0c9c921bc1fde6be66899c486ead02f799d7c4903d4117376792']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f91b7daa-8c3e-4b48-8ff0-44e2aeefa5e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.167' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--517cc8a1-99a3-4f89-8958-261ff1ee8444",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=view-backup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f5e38e41-a7d6-454a-a3b4-e9c270bd93b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '5f6fa19ffe5735ff81b0e7981a864dc8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e4088fa-ffd0-4d53-a5a4-3c4173ea4e53",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'd20b29d9cf3706cb461724e544e25c6f78e6c54e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7cf579c-9188-42bf-bbb5-0ae04286b233",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'ea1feab48765f14af16a70bd8c3832dda4212bbd335ddef721977e7218366b94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fb9915a1-7185-404e-85ce-b0abbe9ea5b6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.147.231.222' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b1ec922-bb6c-4281-9fab-b7e6a9c6e105",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=top3servicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a720adea-68e4-4180-810c-90c32b5c9805",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'ff54a7e6f51a850ef1d744d06d8e6caa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3b305e06-332c-483b-8cb9-75d5b007a6c5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'b7d641e402090f1151d865294263f5aab986ec59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4adf3c4-5544-40cf-af65-9cc0fbae427d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '82e88fc92a2f7f85e29b7078ffc8af2f058c4218a4d558f22adce4179ec49a29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23d2f92b-bffd-43c5-9a29-fdb881e668d9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.141' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cb1dba3a-c318-48d9-a5f0-672a6142483a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=service1view.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1eb8fda3-af70-4d2d-ba2c-ce43b33076cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '4cda9d0bece4f6156a80967298455bd5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--89ba2364-c018-43c3-b3d6-9465373608a5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '3720e6b4f1d1e9eeeb15e49d81f2b15f5febc796']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aba7b7ac-aaf2-40df-b3ba-ebb8459dc139",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'd2ad732871935d34dbdeb658745929f2b473f17c894fc991efb5725d5c93e351']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--06b2d2d1-1a44-4035-8a23-7c07e2c069dc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.118.138.139' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--91b5acd0-5276-4a80-91af-64eda21f1c69",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=topbackupintheworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4f5a765-1071-4188-8f14-d77164af4ffd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'e317485d700bf5e8cb8eea1ec6a72a1a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b6f071b4-9faa-48c0-a4d5-c8b198c41035",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '9fcc5c1e8ec32f56e975ba43c923dbfa16a8f946']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b002b075-acd1-4a69-98fb-7ea6c452c605",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '549c910be817cebef4f1a91548b75168b2a9d9148406d4ff55a71125e0af63a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b73a6d09-88c8-4e05-b821-ef37909ddf73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.12' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ba125c9e-2ff5-45aa-82ce-b6d841780c48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=topservice-masters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d2783d6-186d-4569-80ca-2aff7570543a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'e0022cbf0dd5aa597fee73e79d2b5023']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f72624f-9488-40e1-9a43-eee994a678ff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'e270b5107aed00bce3977d3bf46eab7a26f12296']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de50941b-591e-40a7-845d-943d2e3b8d08",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'c745f58328ead88c4994c321d4c88e11c0e76b3ff2fb0990a94929d17cf34ccc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--89137238-d259-4cf0-a745-5a651a889542",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.12.121' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--88d23225-bc49-451a-b176-608b8fc566b3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=topservicebooster.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de5daa9d-c9f6-4318-8e35-ade0ce398691",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '44e7347a522b22cdf5de658a4237ce58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7778c33-9f80-4f40-a2b9-cf99dc974fb6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '35ef11c8a52cb944371bcffd2750793169f7daa9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08ae595d-d17d-4db6-8496-fe3e0d20116b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '690130e5c2ba0ad872ca9dde83a10686c1e7a6d3a1849427269c8d9a97de0061']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--884e9310-3073-49af-a701-0c6b010c87b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '172.241.27.65' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4ed2826-e5b6-4382-96fe-44e036874b0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=backup1services.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a318beeb-76c8-4c0e-9eae-df7f0398121c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'cd3e51ee538610879d6fa77fa281bc6f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--475f2fed-6801-4c84-b832-61a8c68b738a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'a8087000b8b8c629650c18739fd63bc9d71df8c4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e5235d09-17d7-43ce-a59c-fa5a890416e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'bb6a64e2940400ad1658d36c1c9b5ac74fe3e2b667306ae3c13454ac1c1056bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17ed1135-39e9-46ab-bda6-bcff74bd0a93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '172.241.27.68' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbc57c77-b47d-4b94-a26a-c2e9d5c39bff",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=backupmaster-service.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--17630d26-07e3-446d-972f-6364fade7538",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '04b6aec529b3656040a68e17afdabfa4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9bdcd88-80c6-4be6-b303-00c2868e059a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '05cdadc410865fc446645997c493fcc3f25fd86a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c008bef0-3ddc-4e63-a932-fb8b5b9bd01d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '069f142509ad4c2ec6ab0481c43985ca05c037861aadfba104a9e4c36ca46efa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d2775d6-eac4-41dd-8517-caafa5ea7658",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '172.241.27.70' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b76e3f38-baaf-4c6a-bfed-404f7e2b7435",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=backupmasterservice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4eeeaf29-d8ae-4359-bd3f-048c9a29b5c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '200c25c2b93203392e1acf5d975d6544']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fd28b251-9ded-4bab-9745-2d20a739960a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = 'd0c7fc7ea6eb9503de76237dd67fd0184d5a26b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--985fd7df-7571-4143-8cbf-2d0536db86a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '4121d66a273aec3c74e9973824831353dfc1af1f41857596fbfff09397d377ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c49284f2-1a76-4645-8dc2-6aff5cc9d63e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.139' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ca15d6f8-5f1d-4db2-a17f-19926f39e98f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=driver-boosters.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--208c86ec-a91c-4dbe-bee7-9652e6835732",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '9d7c52c79f3825baf97d1318bae3ebe2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbc7dd18-3326-41ea-982c-f0d416a21255",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '9b1d8026272248f73cc945348ab6f253ebbed17f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--28b5e5a7-2ac2-4861-977b-ed1c0dcc2da3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = '869bae71a3aff8ad127f276fe6088ea6244f121994018be294f0555742781d0f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b04c799-8570-4bab-a74c-c1dffcfe37a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.153.241.14' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ca690b1-7419-49a8-a65f-dd6072251f2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=service1update.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--644f81bb-e2a7-4137-a30c-437bcecd1f0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '5bae28b0d0e969af2c0eda21abe91f35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7c70fd92-f5e2-4613-8824-ed74a48c9d8f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '63dd4ce7db0621e4def994f9dc4836cdfcff5836']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d0f26fce-0dd4-4a0c-99a4-10618fa2b26f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'b1db6c3fc7d9c2d53c77ccf3cbb949f6d7916ad5f1a1c19176c349239f7ae463']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bfc33296-68d5-4eb6-beb9-1d865e234025",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.211.254.154' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f51685b9-a489-4993-9613-de2d03bd6816",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=driverjumper.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8c7bdd36-0627-4c37-a435-1fbbf1162f2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = 'a1e62e7e547532831d0dd07832f61f54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2d2fcb5-6b34-4d54-8b04-9fabbfbd6149",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA1 = '4af071235fb4879ec3952df5070a091073dfed92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ed3c68c2-6d19-4049-9961-12d2599897e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.SHA256 = 'a0a423de844296f280c4b37ac88aec7fd180c4143ff4af5930b1708cb7030e3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6e441a81-ee31-4860-8a81-d4b08f22dceb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.17.28.70' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--762f10f7-3971-457b-940c-83c1d1193fe0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:name = 'CN=service1boost.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8dc8ee5-0d45-407f-8551-3d963069b21e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:06.000Z",
"modified": "2020-10-29T17:41:06.000Z",
"pattern": "[file:hashes.MD5 = '67c7c75d396988ba7d6cd36f35def3e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--28463522-cc81-4449-99b4-b551fafde025",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = 'c850dc97812008b72496bdebb3ddf87a6360673b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f59f1505-0121-40cd-898a-1f8d427c58ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = 'a6d4dbd50a454dc3f039259e48a0030b5f6590342c0b1097cf8997e248a1f2f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aacb93bb-f016-48b8-805a-215071b79d8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.17.28.105' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--24a78a46-c62f-4db7-bc51-da3ecb63c132",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idrivehepler.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e4eb8cac-c559-423a-b7f0-fe8bf8a1c968",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '880e59b44e7175e62d75128accedb221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--30491460-8f38-4f08-b3af-f7ad2ccad22b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = 'b7c178761a1401d225defa5826d0131b38d3a7c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--efca9c88-5f11-4476-b077-cb88e4bcf439",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = '7b6f6a1ed5d5d69bc8921c30f827b975588957befda59d8cc016aab4d5631cd2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--89061fc6-d6df-40e6-b42a-fe331aae7846",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.160.205' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--464c0dd4-8f73-49d4-bbc0-668530c591ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idrivedownload.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d5637cfd-be56-45ec-b7aa-9347dafced9f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = 'cdea09a43bef7f1679e9cd1bbeb4b657']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2632774a-ab58-4721-8b13-cf3a60dd94bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = '0c17226e56d5f69aefdc14e811a6ad033500b712']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1c79a06a-341f-40ac-a4ec-4ce038e5c570",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = 'e83ea3a0255edee75b6322bd36fda31b4f2dcb4375ac6ea0edc28270c7a5362f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a53054a6-89f8-4669-9171-a515c953bf2c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.158.171' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--730fc1ff-d3fd-4d2c-918c-81651fe73cad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idrivefinder.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c0defbe9-cbad-45dd-b69a-181cf2c087a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '512c6e39bf03a4240f5a2d32ee710ce5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ee26e7cf-6cad-49b1-9398-15821cfd3b44",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = '2b352b15f2783988d6be7dd6397dcdd3cf58733b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9554c946-5cac-4141-ab97-b21ae9f655bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = 'ea5a7b096f1b02e60d1429c50dde63c597c45fda3548bb24e10f34c9352543f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ed074ca-aae2-48a1-bd4a-f5f8786a3797",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.133.44' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--344c98db-e12f-4be7-b188-d6b3f7c69558",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idrivedwn.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4ef74f12-ea35-411b-9c17-3c38ee3a9579",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '87f3698c743f8a1296babf9fbebafa9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--05ace2a0-9143-405e-beb4-95d7d857591f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = 'd8d92f1f012f6ee78b144e9771df1cdc146b5fe1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d71ca35-32ae-4b97-9529-b9aa16b45d27",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = 'c15fd2820f598dc5483c2c9218e5eeeb34c92e69b258966b2e48f99d97973f8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a49de51a-acaa-4a89-bb36-f7621a927fa2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.128.5' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--872de921-cd8f-43ad-8a4c-53bc0c204b5c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idrivecheck.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e2989b68-2f31-4e38-849d-872141c579cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '6df66077378c5943453b36bd3a1ed105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--424eb2a5-736f-4503-82c6-b535be0a4d33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = 'f3a2610a4329fbd96e585b5c7b76c44d7920e170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea366536-2416-4c67-a8f8-3c901a3b2f0f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = '20c976457f2e5a498a77b1bd58eb625f75213f036b2d3624cf32ff0c7c6075f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a1e4d60d-d6a6-4359-822d-a913830e62b7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.128.3' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8746ce89-fd0a-4eed-8b41-12dcd06fa9a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idriveupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9ab5eee-7afd-4d91-ad83-74c5cb9b8444",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '9706fd787a32a7e94915f91124de3ad3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c9cbbbc5-5131-477f-9f21-f3dfc7a1961e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = '54e1c649c51b4b6dd49095a4d416619e3f712880']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b4be06bc-9557-4d0d-b9dc-92b1453aead7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = 'f16a569552414694d2a97594cb86b4393005f05875c724327bd047651aa45c69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f305a79-9076-481c-b53e-046fa99b73e4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.17.28.122' AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst|port\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5244a2eb-71c3-4569-a641-37e0a3ff7de7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:name = 'CN=idriveview.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cda11a3e-1cc4-4154-8412-7b400f00a65d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.MD5 = '0e1b0266de2b5eaf427f5915086b4d7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1ed4b8a2-1cd0-4a94-9c2f-c7f970f79f01",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA1 = '1a36672ac35caa0537d300ab151f534e663ae709']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943b137-bdb9-4f34-acd9-0d8511918c0d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:07.000Z",
"modified": "2020-10-29T17:41:07.000Z",
"pattern": "[file:hashes.SHA256 = '1ce83c5307b4a3ccab5dae62adaa5ea32d20ffd393e3a28bb1deefe26a4102e7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2020-10-29T17:41:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--d321245f-dae2-4499-8c18-c35002fffa36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2020-10-29T17:41:55.000Z",
"modified": "2020-10-29T17:41:55.000Z",
"first_observed": "2020-10-29T17:41:55Z",
"last_observed": "2020-10-29T17:41:55Z",
"number_observed": 1,
"object_refs": [
"url--d321245f-dae2-4499-8c18-c35002fffa36"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--d321245f-dae2-4499-8c18-c35002fffa36",
"value": "https://gist.githubusercontent.com/aaronst/6aa7f61246f53a8dd4befea86e832456/raw/f154d75de63d95925a6930d81cca99da0da85f32/unc1878_indicators.txt"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink