misp-circl-feed/feeds/circl/stix-2.1/543b7c14-ec70-446e-b2f7-4620950d210b.json


{
"type": "bundle",
"id": "bundle--543b7c14-ec70-446e-b2f7-4620950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--543b7c14-ec70-446e-b2f7-4620950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"name": "OSINT Democracy in Hong Kong Under Attack blog post from Volexity (Steven Adair)",
"published": "2016-02-22T14:23:19Z",
"object_refs": [
"observed-data--543b7c1c-3a5c-4d53-bf69-4d72950d210b",
"url--543b7c1c-3a5c-4d53-bf69-4d72950d210b",
"x-misp-attribute--543b7c2d-2ad0-48dd-9845-4225950d210b",
"indicator--543b7c42-9104-4568-9349-32fb950d210b",
"indicator--543b7c52-687c-43a9-ab1e-4c6c950d210b",
"indicator--543b7c75-c5b4-439a-9363-4101950d210b",
"indicator--543b7d77-a13c-4e88-9e78-32fb950d210b",
"indicator--543b7d77-f9a0-4a47-963b-32fb950d210b",
"indicator--543b7d77-8290-4413-b2b7-32fb950d210b",
"indicator--543b7d77-4a54-4ebb-a2b7-32fb950d210b",
"indicator--543b7da3-af04-4d5f-8da9-4999950d210b",
"indicator--543b7da3-6e68-47fb-b2a1-4844950d210b",
"indicator--543b7db3-bab8-4fac-81e1-43fc950d210b",
"indicator--543b7e23-f148-4ca3-a875-32fb950d210b",
"indicator--543b7e23-5d64-4783-95ac-32fb950d210b",
"indicator--543b7e36-4ed4-45da-9c6f-41c4950d210b",
"indicator--543b7e42-13a0-46eb-b8de-4961950d210b",
"indicator--543b86a0-7880-4e23-97e7-425a950d210b",
"indicator--543b86ad-df30-441d-97e6-400b950d210b",
"observed-data--543b86e3-d6f8-4f77-b48a-4ab3950d210b",
"domain-name--543b86e3-d6f8-4f77-b48a-4ab3950d210b",
"indicator--543b874a-17a0-4088-a9d0-4884950d210b",
"indicator--543b8757-ebb8-4e20-baed-40ef950d210b",
"x-misp-attribute--543b8775-6efc-4edf-a6bc-42f7950d210b",
"indicator--543b8787-120c-498e-b3e1-446d950d210b",
"indicator--543b87a2-900c-40cd-a69c-409e950d210b",
"indicator--543b87b7-c7c4-4cd3-b34b-4c4d950d210b",
"indicator--543b87b7-aa7c-40f3-a200-4899950d210b",
"indicator--543b87b7-aa38-4ada-853a-4471950d210b",
"indicator--543b88ad-aa68-420d-bed7-4653950d210b",
"indicator--543b88ad-d5dc-4b03-9d25-4f19950d210b",
"indicator--543b88ad-fb0c-4408-82dc-4b4b950d210b",
"indicator--543b88ad-78d4-4adf-9764-436c950d210b",
"indicator--543b88ad-37e8-4e08-ba2d-48e5950d210b",
"indicator--543b88ad-65dc-4ff8-8079-4c87950d210b",
"observed-data--543b88f0-6cb0-416d-b34f-4c90950d210b",
"url--543b88f0-6cb0-416d-b34f-4c90950d210b",
"observed-data--543b88f0-e094-42a4-b487-4595950d210b",
"url--543b88f0-e094-42a4-b487-4595950d210b",
"indicator--543b8a74-d608-460f-9582-41e1950d210b",
"indicator--543b8a74-edf0-4a92-b26c-4bd0950d210b",
"indicator--543b8a74-b9c8-4e0d-baa1-4ace950d210b",
"indicator--543b8a74-b648-4ec4-a15e-4d96950d210b",
"indicator--543b8a74-d1d8-41bb-ad2b-4bee950d210b",
"indicator--543b8a74-8a84-4544-8aa2-4499950d210b",
"indicator--543b8a74-6860-4e41-b903-4fa7950d210b",
"indicator--543b8a74-58c0-42e2-9287-4a0a950d210b",
"indicator--543b8a74-30e4-465a-8c10-4238950d210b",
"indicator--543b8a74-2504-40fe-ae28-409d950d210b",
"indicator--543b8a74-30b4-4446-9789-4564950d210b",
"indicator--543b8a74-bbc0-495c-b9ae-4c23950d210b",
"indicator--543b8a75-43a8-49fd-a26d-4711950d210b",
"indicator--543b8a75-3dd4-4839-b845-4153950d210b",
"indicator--543b8aa2-11a8-4deb-8731-48bf950d210b",
"indicator--543b8aa2-a494-490d-b8d1-4151950d210b",
"indicator--543b8aa2-2218-4752-b796-4f81950d210b",
"indicator--543b8aa2-1a98-4f36-a47e-4f6e950d210b",
"indicator--543b8aa2-7a50-4e5c-b344-4341950d210b",
"indicator--543b8aa2-9ef0-4a68-b2e2-4635950d210b",
"indicator--543b8aa2-84ec-4d0d-9854-47a3950d210b",
"indicator--543b8aa2-1e98-4265-a4ce-4ca6950d210b",
"indicator--543b8aa2-f84c-421c-9825-4310950d210b",
"indicator--543b8aa2-1300-4986-b631-46c3950d210b",
"indicator--543b8aa2-2784-45b7-adc3-43ec950d210b",
"indicator--543b8aa3-490c-436e-9e19-48a8950d210b",
"indicator--543b8aa3-3f9c-49ca-85de-4876950d210b",
"indicator--543b8aa3-7b1c-4b97-a956-4f07950d210b",
"indicator--56c625f0-5078-44b2-bd77-599c950d210f",
"indicator--56c625f1-bea4-4b39-9f48-59a1950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--543b7c1c-3a5c-4d53-bf69-4d72950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:15:40.000Z",
"modified": "2014-10-13T07:15:40.000Z",
"first_observed": "2014-10-13T07:15:40Z",
"last_observed": "2014-10-13T07:15:40Z",
"number_observed": 1,
"object_refs": [
"url--543b7c1c-3a5c-4d53-bf69-4d72950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--543b7c1c-3a5c-4d53-bf69-4d72950d210b",
"value": "http://www.volexity.com/blog/?p=33"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--543b7c2d-2ad0-48dd-9845-4225950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:15:57.000Z",
"modified": "2014-10-13T07:15:57.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Data encoded by David Andr\u00e9"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7c42-9104-4568-9349-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:16:23.000Z",
"modified": "2014-10-13T07:16:23.000Z",
"pattern": "[url:value = 'http://java-se.com/o.js']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:16:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7c52-687c-43a9-ab1e-4c6c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:16:34.000Z",
"modified": "2014-10-13T07:16:34.000Z",
"pattern": "[domain-name:value = 'java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:16:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7c75-c5b4-439a-9363-4101950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:17:08.000Z",
"modified": "2014-10-13T07:17:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.253.101.105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:17:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7d77-a13c-4e88-9e78-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:21:27.000Z",
"modified": "2014-10-13T07:21:27.000Z",
"pattern": "[url:value = 'http://985.so/bUYj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7d77-f9a0-4a47-963b-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:21:27.000Z",
"modified": "2014-10-13T07:21:27.000Z",
"pattern": "[url:value = 'http://985.so/bUYe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7d77-8290-4413-b2b7-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:21:27.000Z",
"modified": "2014-10-13T07:21:27.000Z",
"pattern": "[url:value = 'http://985.so/b6hW']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7d77-4a54-4ebb-a2b7-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:21:27.000Z",
"modified": "2014-10-13T07:21:27.000Z",
"pattern": "[url:value = 'http://985.so/bUYf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7da3-af04-4d5f-8da9-4999950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:22:11.000Z",
"modified": "2014-10-13T07:22:11.000Z",
"pattern": "[file:hashes.MD5 = '1befa2c2d1bfc8e87d52871c868f75fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7da3-6e68-47fb-b2a1-4844950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:22:11.000Z",
"modified": "2014-10-13T07:22:11.000Z",
"pattern": "[file:hashes.MD5 = 'a482a84d13c76b950ce5bc7e75f4edef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7db3-bab8-4fac-81e1-43fc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:22:27.000Z",
"modified": "2014-10-13T07:22:27.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '58.64.178.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:22:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7e23-f148-4ca3-a875-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:24:19.000Z",
"modified": "2014-10-13T07:24:19.000Z",
"pattern": "[file:hashes.SHA1 = '8f81bb0bfa6b3ebf3ef4ea283b23a5ccae5b6817']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:24:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7e23-5d64-4783-95ac-32fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:24:19.000Z",
"modified": "2014-10-13T07:24:19.000Z",
"pattern": "[file:hashes.SHA1 = 'c0a4b9145e0066f5c1534beddc9c666ea8eb0882']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:24:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7e36-4ed4-45da-9c6f-41c4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:24:38.000Z",
"modified": "2014-10-13T07:24:38.000Z",
"pattern": "[domain-name:value = 'jre76.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:24:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b7e42-13a0-46eb-b8de-4961950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T07:24:50.000Z",
"modified": "2014-10-13T07:24:50.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.125.81.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T07:24:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b86a0-7880-4e23-97e7-425a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:00:32.000Z",
"modified": "2014-10-13T08:00:32.000Z",
"pattern": "[domain-name:value = 'jdk-7u12-windows-i586.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:00:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b86ad-df30-441d-97e6-400b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:00:45.000Z",
"modified": "2014-10-13T08:00:45.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.253.96.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:00:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--543b86e3-d6f8-4f77-b48a-4ab3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:01:39.000Z",
"modified": "2014-10-13T08:01:39.000Z",
"first_observed": "2014-10-13T08:01:39Z",
"last_observed": "2014-10-13T08:01:39Z",
"number_observed": 1,
"object_refs": [
"domain-name--543b86e3-d6f8-4f77-b48a-4ab3950d210b"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--543b86e3-d6f8-4f77-b48a-4ab3950d210b",
"value": "elsa-jp.jp"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b874a-17a0-4088-a9d0-4884950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:03:22.000Z",
"modified": "2014-10-13T08:03:22.000Z",
"pattern": "[file:hashes.MD5 = 'b3a9e6548fb3cc511096af4d68b2e745']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:03:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8757-ebb8-4e20-baed-40ef950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:03:35.000Z",
"modified": "2014-10-13T08:03:35.000Z",
"pattern": "[file:hashes.SHA1 = '394703d1240ccd3aaeeef50c212313e3036741b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:03:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--543b8775-6efc-4edf-a6bc-42f7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:04:05.000Z",
"modified": "2014-10-13T08:04:05.000Z",
"labels": [
"misp:type=\"pattern-in-file\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pattern-in-file",
"x_misp_value": "C:\\wocawocawoca\\piao\\Release\\caca.pdb"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8787-120c-498e-b3e1-446d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:04:23.000Z",
"modified": "2014-10-13T08:04:23.000Z",
"pattern": "[domain-name:value = 'jduhf873jdu7.blog.163.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:04:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b87a2-900c-40cd-a69c-409e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:04:50.000Z",
"modified": "2014-10-13T08:04:50.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.255.217.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:04:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b87b7-c7c4-4cd3-b34b-4c4d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:05:11.000Z",
"modified": "2014-10-13T08:05:11.000Z",
"pattern": "[domain-name:value = 'dns.apasms.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:05:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b87b7-aa7c-40f3-a200-4899950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:05:11.000Z",
"modified": "2014-10-13T08:05:11.000Z",
"pattern": "[domain-name:value = 'ns.gpass1.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:05:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b87b7-aa38-4ada-853a-4471950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:05:11.000Z",
"modified": "2014-10-13T08:05:11.000Z",
"pattern": "[domain-name:value = 'ns1.gpass1.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:05:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-aa68-420d-bed7-4653950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'micewe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-d5dc-4b03-9d25-4f19950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'quonlu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-fb0c-4408-82dc-4b4b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'www.ib.vc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-78d4-4adf-9764-436c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ns0.skyhookwireless.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-37e8-4e08-ba2d-48e5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'geister.quonlu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b88ad-65dc-4ff8-8079-4c87950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:09:17.000Z",
"modified": "2014-10-13T08:09:17.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'arbvisa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:09:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--543b88f0-6cb0-416d-b34f-4c90950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:10:24.000Z",
"modified": "2014-10-13T08:10:24.000Z",
"first_observed": "2014-10-13T08:10:24Z",
"last_observed": "2014-10-13T08:10:24Z",
"number_observed": 1,
"object_refs": [
"url--543b88f0-6cb0-416d-b34f-4c90950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--543b88f0-6cb0-416d-b34f-4c90950d210b",
"value": "https://gist.github.com/9b/bef2907272cc770311c6"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--543b88f0-e094-42a4-b487-4595950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:10:24.000Z",
"modified": "2014-10-13T08:10:24.000Z",
"first_observed": "2014-10-13T08:10:24Z",
"last_observed": "2014-10-13T08:10:24Z",
"number_observed": 1,
"object_refs": [
"url--543b88f0-e094-42a4-b487-4595950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--543b88f0-e094-42a4-b487-4595950d210b",
"value": "https://gist.githubusercontent.com/9b/bef2907272cc770311c6/raw/6a8c5aed2c624de286bd90b5aabe77899966f80b/java-se.com.csv"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-d608-460f-9582-41e1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'jdk-7u12-windows-i586.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-edf0-4a92-b26c-4bd0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'jre.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-b9c8-4e0d-baa1-4ace950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'ud.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-b648-4ec4-a15e-4d96950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'www.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-d1d8-41bb-ad2b-4bee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'kr.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-8a84-4544-8aa2-4499950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'up.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-6860-4e41-b903-4fa7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'ns.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-58c0-42e2-9287-4a0a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'ga.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-30e4-465a-8c10-4238950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'idc.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-2504-40fe-ae28-409d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'hk.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-30b4-4446-9789-4564950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'jre76.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a74-bbc0-495c-b9ae-4c23950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:52.000Z",
"modified": "2014-10-13T08:16:52.000Z",
"pattern": "[domain-name:value = 'jre7.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a75-43a8-49fd-a26d-4711950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:53.000Z",
"modified": "2014-10-13T08:16:53.000Z",
"pattern": "[domain-name:value = 'uc.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8a75-3dd4-4839-b845-4153950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:16:53.000Z",
"modified": "2014-10-13T08:16:53.000Z",
"pattern": "[domain-name:value = '81.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-11a8-4deb-8731-48bf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.253.96.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-a494-490d-b8d1-4151950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.253.99.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-2218-4752-b796-4f81950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.205.217.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-1a98-4f36-a47e-4f6e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.7.111.133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-7a50-4e5c-b344-4341950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.181.133.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-9ef0-4a68-b2e2-4635950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '10.0.1.9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-84ec-4d0d-9854-47a3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.78.246.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-1e98-4265-a4ce-4ca6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.175.143.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-f84c-421c-9825-4310950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.125.81.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-1300-4986-b631-46c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.172.148.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa2-2784-45b7-adc3-43ec950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:38.000Z",
"modified": "2014-10-13T08:17:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '124.248.237.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa3-490c-436e-9e19-48a8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:39.000Z",
"modified": "2014-10-13T08:17:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.233.89.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa3-3f9c-49ca-85de-4876950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:39.000Z",
"modified": "2014-10-13T08:17:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '223.29.248.9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--543b8aa3-7b1c-4b97-a956-4f07950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-10-13T08:17:39.000Z",
"modified": "2014-10-13T08:17:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.175.143.9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-10-13T08:17:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c625f0-5078-44b2-bd77-599c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T20:13:36.000Z",
"modified": "2016-02-18T20:13:36.000Z",
"description": "Automatically added (via 1befa2c2d1bfc8e87d52871c868f75fe)",
"pattern": "[file:hashes.SHA256 = 'd9f5eae99a2c597b07d46daf7ef96aaacb29c9a8703404c7145caa8cb7dba2ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T20:13:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c625f1-bea4-4b39-9f48-59a1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-18T20:13:37.000Z",
"modified": "2016-02-18T20:13:37.000Z",
"description": "Automatically added (via a482a84d13c76b950ce5bc7e75f4edef)",
"pattern": "[file:hashes.SHA256 = '423573c3ccdb46553eda81e1abab24aed4640bff8d9ebfb63eb7c67ecad74729']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-18T20:13:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}