adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/55e55686-ec88-4cba-a1bb-4b06950d210b.json

854 lines
No EOL
35 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--55e55686-ec88-4cba-a1bb-4b06950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:52.000Z",
"modified": "2015-09-07T13:53:52.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55e55686-ec88-4cba-a1bb-4b06950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:52.000Z",
"modified": "2015-09-07T13:53:52.000Z",
"name": "OSINT Defending the White Elephant by Arbor Networks",
"published": "2016-02-22T14:22:03Z",
"object_refs": [
"observed-data--55e556a3-f858-4d83-920d-441b950d210b",
"url--55e556a3-f858-4d83-920d-441b950d210b",
"observed-data--55e556a3-8258-41ef-aa7a-4f72950d210b",
"url--55e556a3-8258-41ef-aa7a-4f72950d210b",
"indicator--55ed81ed-d74c-4b1f-8d4f-4240950d210b",
"indicator--55ed81ed-b204-43b3-9913-4a8b950d210b",
"indicator--55ed81ee-0dc0-4a3b-a20d-47fa950d210b",
"indicator--55ed81ee-cab8-4e54-b7d6-48e2950d210b",
"indicator--55ed81ee-3418-4748-98de-4105950d210b",
"indicator--55ed81ee-7418-499d-831e-41ee950d210b",
"indicator--55ed81ef-01a8-4f78-afd1-41e1950d210b",
"indicator--55ed81ef-c124-4d42-b9dc-4187950d210b",
"indicator--55ed81ef-9e74-437b-9020-49df950d210b",
"indicator--55ed81f0-4f6c-491b-af5b-4306950d210b",
"indicator--55ed81f0-81e4-439f-b406-4266950d210b",
"indicator--55ed81f0-ab70-4a2a-b1fb-4916950d210b",
"indicator--55ed81f1-8bf8-4ea9-97db-4718950d210b",
"indicator--55ed81f1-0f6c-483e-b0c3-414f950d210b",
"indicator--55ed81f1-bf34-4d1c-899d-4b62950d210b",
"indicator--55ed96f0-b30c-48a1-a1ce-0275950d210b",
"indicator--55ed96f1-d66c-41cd-b21f-0275950d210b",
"indicator--55ed96f1-3fc0-4c86-81e6-0275950d210b",
"indicator--55ed96f1-ec8c-4dfb-b51e-0275950d210b",
"indicator--56c6a917-90a4-4b00-b8bf-c650950d210f",
"indicator--56c6a919-7e9c-4a1c-ab5f-c653950d210f",
"indicator--56c6a91b-2a68-41f2-a32a-599e950d210f",
"indicator--56c6a91d-8820-47ee-b2ac-c652950d210f",
"indicator--56c6a91f-538c-4eac-b354-599d950d210f",
"indicator--56c6a921-9e6c-4b19-85c3-59a4950d210f",
"indicator--56c6a918-da80-4b55-b413-c652950d210f",
"indicator--56c6a91a-e36c-49eb-a974-5f51950d210f",
"indicator--56c6a91c-b994-4d5a-88ed-435b950d210f",
"indicator--56c6a91e-b4a8-4a9a-a326-c654950d210f",
"indicator--56c6a920-8184-4d43-b7f5-45ef950d210f",
"indicator--56c6a921-afc0-47e3-94f3-599c950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55e556a3-f858-4d83-920d-441b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-01T07:41:23.000Z",
"modified": "2015-09-01T07:41:23.000Z",
"first_observed": "2015-09-01T07:41:23Z",
"last_observed": "2015-09-01T07:41:23Z",
"number_observed": 1,
"object_refs": [
"url--55e556a3-f858-4d83-920d-441b950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55e556a3-f858-4d83-920d-441b950d210b",
"value": "https://asert.arbornetworks.com/defending-the-white-elephant/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55e556a3-8258-41ef-aa7a-4f72950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-01T07:41:23.000Z",
"modified": "2015-09-01T07:41:23.000Z",
"first_observed": "2015-09-01T07:41:23Z",
"last_observed": "2015-09-01T07:41:23Z",
"number_observed": 1,
"object_refs": [
"url--55e556a3-8258-41ef-aa7a-4f72950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55e556a3-8258-41ef-aa7a-4f72950d210b",
"value": "http://pages.arbornetworks.com/rs/082-KNA-087/images/ASERT%20Threat%20Intelligence%20Brief%202015-05%20PlugX%20Threat%20Activity%20in%20Myanmar.pdf"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ed-d74c-4b1f-8d4f-4240950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:13.000Z",
"modified": "2015-09-07T12:24:13.000Z",
"pattern": "[file:hashes.MD5 = '1c7fafe58caf55568bd5f28cae1c18fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ed-b204-43b3-9913-4a8b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:13.000Z",
"modified": "2015-09-07T12:24:13.000Z",
"pattern": "[file:hashes.MD5 = '1e36a853bc0b1d111ce726a508bc1a86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ee-0dc0-4a3b-a20d-47fa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:14.000Z",
"modified": "2015-09-07T12:24:14.000Z",
"pattern": "[file:hashes.MD5 = '532f4c671a19145cf19c34d18138da63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ee-cab8-4e54-b7d6-48e2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:14.000Z",
"modified": "2015-09-07T12:24:14.000Z",
"pattern": "[file:hashes.MD5 = '5ee5df9a5f4d16de3f880740db884f69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ee-3418-4748-98de-4105950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:14.000Z",
"modified": "2015-09-07T12:24:14.000Z",
"pattern": "[file:hashes.MD5 = '69754b86021d3daa658da15579b8f08a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ee-7418-499d-831e-41ee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:14.000Z",
"modified": "2015-09-07T12:24:14.000Z",
"pattern": "[file:hashes.MD5 = '78a9897344d756701d4674c7f559610a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ef-01a8-4f78-afd1-41e1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:15.000Z",
"modified": "2015-09-07T12:24:15.000Z",
"pattern": "[file:hashes.MD5 = '809976f3aa0ffd6860056be3b66d5092']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ef-c124-4d42-b9dc-4187950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:15.000Z",
"modified": "2015-09-07T12:24:15.000Z",
"pattern": "[file:hashes.MD5 = '884d46c01c762ad6ddd2759fd921bf71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81ef-9e74-437b-9020-49df950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:15.000Z",
"modified": "2015-09-07T12:24:15.000Z",
"pattern": "[file:hashes.MD5 = '9aceefb76c2e227c651ef6a035461b5c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f0-4f6c-491b-af5b-4306950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:16.000Z",
"modified": "2015-09-07T12:24:16.000Z",
"pattern": "[file:hashes.MD5 = 'a1c0c364e02b3b1e0e7b8ce89b611b53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f0-81e4-439f-b406-4266950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:16.000Z",
"modified": "2015-09-07T12:24:16.000Z",
"pattern": "[file:hashes.MD5 = 'a30262bf36b3023ef717b6e23e21bd30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f0-ab70-4a2a-b1fb-4916950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:16.000Z",
"modified": "2015-09-07T12:24:16.000Z",
"pattern": "[file:hashes.MD5 = 'd055518ad14f3d6c40aa6ced6a2d05f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f1-8bf8-4ea9-97db-4718950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:17.000Z",
"modified": "2015-09-07T12:24:17.000Z",
"pattern": "[file:hashes.MD5 = 'd0c5410140c15c8d148437f0f7eabcf7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f1-0f6c-483e-b0c3-414f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:17.000Z",
"modified": "2015-09-07T12:24:17.000Z",
"pattern": "[file:hashes.MD5 = 'e2eddf6e7233ab52ad29d8f63b1727cd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed81f1-bf34-4d1c-899d-4b62950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T12:24:17.000Z",
"modified": "2015-09-07T12:24:17.000Z",
"pattern": "[file:hashes.MD5 = 'eeb631127f1b9fb3d13d209d8e675634']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T12:24:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed96f0-b30c-48a1-a1ce-0275950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:52.000Z",
"modified": "2015-09-07T13:53:52.000Z",
"pattern": "[domain-name:value = 'usacia.websecexp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T13:53:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed96f1-d66c-41cd-b21f-0275950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:53.000Z",
"modified": "2015-09-07T13:53:53.000Z",
"pattern": "[domain-name:value = 'webhttps.websecexp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T13:53:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed96f1-3fc0-4c86-81e6-0275950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:53.000Z",
"modified": "2015-09-07T13:53:53.000Z",
"pattern": "[domain-name:value = 'usafbi.websecexp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T13:53:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55ed96f1-ec8c-4dfb-b51e-0275950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-07T13:53:53.000Z",
"modified": "2015-09-07T13:53:53.000Z",
"pattern": "[domain-name:value = 'appeur.gnway.cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-07T13:53:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a917-90a4-4b00-b8bf-c650950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:11.000Z",
"modified": "2016-02-19T05:33:11.000Z",
"description": "Automatically added (via 1c7fafe58caf55568bd5f28cae1c18fd)",
"pattern": "[file:hashes.SHA1 = '6ce4f6fe5433d803b84c5d4094a5f10220653b8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a919-7e9c-4a1c-ab5f-c653950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:13.000Z",
"modified": "2016-02-19T05:33:13.000Z",
"description": "Automatically added (via 78a9897344d756701d4674c7f559610a)",
"pattern": "[file:hashes.SHA1 = 'c63d6a0581c6b8b3ea52555e1b4832a8730a21de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91b-2a68-41f2-a32a-599e950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:15.000Z",
"modified": "2016-02-19T05:33:15.000Z",
"description": "Automatically added (via 884d46c01c762ad6ddd2759fd921bf71)",
"pattern": "[file:hashes.SHA1 = 'd201b130232e0ea411daa23c1ba2892fe6468712']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91d-8820-47ee-b2ac-c652950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:17.000Z",
"modified": "2016-02-19T05:33:17.000Z",
"description": "Automatically added (via a30262bf36b3023ef717b6e23e21bd30)",
"pattern": "[file:hashes.SHA1 = '47822c1392631db74f342edd5c73c7557e74a21b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91f-538c-4eac-b354-599d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:19.000Z",
"modified": "2016-02-19T05:33:19.000Z",
"description": "Automatically added (via e2eddf6e7233ab52ad29d8f63b1727cd)",
"pattern": "[file:hashes.SHA1 = 'd533333381cd387581955085aefddfd68a50c8e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a921-9e6c-4b19-85c3-59a4950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:21.000Z",
"modified": "2016-02-19T05:33:21.000Z",
"description": "Automatically added (via eeb631127f1b9fb3d13d209d8e675634)",
"pattern": "[file:hashes.SHA1 = '7b1e620f9d6d3069b8fee92758e26ecf67a2a04b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a918-da80-4b55-b413-c652950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:12.000Z",
"modified": "2016-02-19T05:33:12.000Z",
"description": "Automatically added (via 1c7fafe58caf55568bd5f28cae1c18fd)",
"pattern": "[file:hashes.SHA256 = '51df28538d8197dca53d53844f20e0de63658cfb71d57e9a9bd99b6a5fc2c54b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91a-e36c-49eb-a974-5f51950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:14.000Z",
"modified": "2016-02-19T05:33:14.000Z",
"description": "Automatically added (via 78a9897344d756701d4674c7f559610a)",
"pattern": "[file:hashes.SHA256 = '06c5e6446fd7391722441117fb4b3f2170d808872964a94fce2242eb5ab8572d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91c-b994-4d5a-88ed-435b950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:16.000Z",
"modified": "2016-02-19T05:33:16.000Z",
"description": "Automatically added (via 884d46c01c762ad6ddd2759fd921bf71)",
"pattern": "[file:hashes.SHA256 = '3124fcb79da0bdf9d0d1995e37b06f7929d83c1c4b60e38c104743be71170efe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a91e-b4a8-4a9a-a326-c654950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:18.000Z",
"modified": "2016-02-19T05:33:18.000Z",
"description": "Automatically added (via a30262bf36b3023ef717b6e23e21bd30)",
"pattern": "[file:hashes.SHA256 = 'ac5db170487d1a789e8b5fb1cb52f7b84086b1768b25083c50309a88a7229545']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a920-8184-4d43-b7f5-45ef950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:20.000Z",
"modified": "2016-02-19T05:33:20.000Z",
"description": "Automatically added (via e2eddf6e7233ab52ad29d8f63b1727cd)",
"pattern": "[file:hashes.SHA256 = '7558ae598348f508ee656312a214aa24073258aebc95d9a50e7a5588be2a380a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c6a921-afc0-47e3-94f3-599c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T05:33:21.000Z",
"modified": "2016-02-19T05:33:21.000Z",
"description": "Automatically added (via eeb631127f1b9fb3d13d209d8e675634)",
"pattern": "[file:hashes.SHA256 = 'c2804080c3f45e8232b3e955611f56c9ba513a7845ddad56a588c4191d139990']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T05:33:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink